If you’ve read this book, you already know that a well-written rootkit will not be detected by anti-virus software. And if you’ve looked at the browser exploit in Chapter 11, you already know how easy it is to insert a rootkit onto a machine through a web page. These two circumstances should lead to the conclusion that rootkit prevention requires security enhancements not offered by conventional security software. Fortunately, a recently developed field of security, host-based intrusion prevention systems, or HIPS, can be used to prevent intrusion by hardening, virtualizing, or blocking unexpected operations.