ROOTKITS

Root refers to the top-level user, also called the superuser or system administrator.

A rootkit is software, typically a collection of tools, that enables administrator-level access to a computer or computer network and hides the attacker's presence on the system.

It allows the attacker to mask the intrusion and gain root or privileged access to the computer, manipulate the data set the operating system relies on, alter the execution flow of the operating system, or replace vital system executables.

Being a collection of several exploit tools, a rootkit may include Trojans and spyware used to monitor network traffic and keystrokes, create a "backdoor" into the system for the hacker's use, alter log files, attack other machines on the network, and alter existing system tools to escape detection.

Rootkits are designed to be difficult to detect by normal means; how difficult depends, of course, on the programmer's skill.

Rootkits make way for the attacker to execute further exploits with ease. In short, a rootkit is the attacker's spy agent in the victim's computer.

Rootkits mislead users into believing they are safe, essential programs needed to run the system, concealing running processes from monitoring programs and hiding files or system data from the operating system. They may also prevent antivirus scans from working.
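
Because a rootkit conceals processes from monitoring programs, a defender can compare two independent views of the process table and look for disagreement. The following is an added example, not part of the original page: it assumes a Linux host, and the function names are hypothetical.

```python
import os

def listed_pids(proc_root="/proc"):
    """View 1: PIDs shown by listing /proc, the view ps and top rely on."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def probed_pids(max_pid=32768):
    """View 2: PIDs that answer a signal-0 probe, found without listing /proc."""
    alive = set()
    for pid in range(1, max_pid + 1):
        try:
            os.kill(pid, 0)          # signal 0 checks existence, sends nothing
        except ProcessLookupError:
            continue                 # no such process
        except PermissionError:
            pass                     # exists, but belongs to another user
        alive.add(pid)
    return alive

def is_thread(pid, proc_root="/proc"):
    """Thread IDs answer the probe but are never listed in /proc; skip them."""
    try:
        with open(os.path.join(proc_root, str(pid), "status")) as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except OSError:
        pass                         # no readable /proc entry at all
    return False

def hidden_pids(listed_before, probed, listed_after, is_thread=is_thread):
    """PIDs alive in the probe view yet absent from both /proc listings.

    Listing before and after the probe filters out processes that merely
    started while the probe loop was running.
    """
    suspects = probed - listed_before - listed_after
    return sorted(pid for pid in suspects if not is_thread(pid))

if __name__ == "__main__":
    before = listed_pids()
    probed = probed_pids()
    after = listed_pids()
    for pid in hidden_pids(before, probed, after):
        print(f"PID {pid} answers signal 0 but is missing from the /proc listing")
```

A reported PID is a lead to investigate rather than proof, since a process that starts and exits between the two listings can still appear.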

The presence of a rootkit on a network was first documented in the early 1990s. At that time, Sun and Linux operating systems were the primary targets for a hacker looking to install a rootkit. Today, rootkits are available for a number of operating systems, including Windows, and are increasingly difficult to detect on any network.
