 |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  |  | |
| By N2H | ||||||||||||||||||||||
Rootkits
December 18, 2009
A rootkit is software that allows a hacker to gain access to a system using a user account and increase their privileges to the same level as the administrator or sometimes they exploit the vulnerabilities in the operating system to hide the execution of certain processes running in the background. A root kit modifies the system kernel so that it can gain access to the system or evade authentication procedures on the established system, after gain access to the system it can then be able to do what it wants from key logging activities, changing of application system resource priorities to creating backdoors in the system
Rootkits are difficult to detect because they hide these processes and even the task manager cannot see these processes. Even when a network administrator runs netstat, he cannot see the opened connection established by a rootkit. Many root kits are developed or programmed to circumvent the antivirus programs and antispyware programs that don’t have current updates. (Stewart, 2004)
Comments
Got something to say?
-
Recent Posts
- TCP vs UDP
- Rootkits
- SQL injection attack
- Security policy: standards, guidelines and procedures
- Symmetric key Vs Asymmetric encryption
- Intrusion detection system Vs Intrusion prevention systems
- Factors influencing FAR & FRR in Biometrics
- Authentication methods
- How project scope contributes to project success
- Reasons for decomposing a project
Powered by FireStats