Rootkits: Subverting the Windows Kernel

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [Z]

Languages, type-safe

Latching Late-demand binding Layered drivers

     file filter

     keyboard sniffers

     KLOG rootkit for

LDTs [See Local Descriptor Tables] LED keyboard indicators

LGDT instructionLibraries

     compiler     linkingLIDS [See Linux Intrusion Detection System]LIDT [See Load Interrupt Descriptor Table instruction] Linkage key

Linkages

Linking libraries

Links, symbolic

     for fusion rootkits

     in rootkit detection

Linux

Linux Intrusion Detection System (LIDS)

LIST_ENTRY structure 2nd 3rd

ListProcessesByHandleTable function

Load Interrupt Descriptor Table (LIDT) instruction

Loading

     drivers 2nd

     rootkits

LoadLibrary function 2nd 3rd LoadResource function

Local addresses

     creating

     endpoint associations with

Local Descriptor Tables (LDTs)     purpose of     table-indicator bit in

Locally Unique Identifiers (LUIDs)Logging     debug statements     processes

Loki tool Look-ahead buffers in NDIS 2nd LookupPrivilegeValue function Lookups, page-table LUID_AND_ATTRIBUTES structureLUIDs [See Locally Unique Identifiers]