The Network Security. Org

QuickStudy: Rootkits

If an illegal hacker wants to do something to your system, such as plant a virus, a Trojan horse program or spyware, he has to gain access to the system's root directory and the unlimited power that goes with that access. Once established as root, the intruder can modify system commands to hide his tracks from the systems administrator and preserve his root access. The easiest way to do this is via a rootkit.

Generally, a hacker obtains normal, user-level access to a computer or network by guessing or stealing a password or exploiting some known vulnerability. Then he finds a way to collect user identities and passwords to other machines on that network while simultaneously erasing all evidence of his activity. Years ago, the hacker would have done this by exploiting his direct knowledge of and experience with the system and his personal programming skills. Today the job is simplified -- the hacker can use one of many available rootkits that pretty much automate the process. Rootkits - Computerworld

More News

• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security
  



• Dude, where is my perimeter?
  



• Scaring users into IT security
  



• VMware fixes security bugs
  



• The top 10 security land mines
  



• Encrypt volumes through a cross platform GUI with TrueCrypt 5.0
  



• The threat of the Ajax Super Worm
  



• eEye to Add Retina Web App Scanner
  



• FTP Hacking on the Rise
  



• Microsoft Patches 12 Office Security Holes
  



• Malware removes rival rootkits
  



• Security holes in VLC media player patched
  



• Five basic mistakes of security policy