A rootkit is a program. Rootkits come in all different shapes and styles, some more advance than others. Rootkits are basically programs that help attackers keep their position as root. Notice it's called a "rootkit". 'root' meaning the highest level of administration on *nix based systems and 'kit' meaning a collection of tools. Rootkits contain tools which help attackers hide their presence as well as give the attacker full control of the server or host continuously without being noticed. Rootkits are usually installed on systems when they have been successfully compromised and the highest level of access has been given (usually root) Some rootkits refuse to be installed until the attacker has root access, due to read and write permission to certain files. Once the system has been successfully compromised and the attacker has root, heshe may then install the rootkit, allowing them to cover their tracks and wipe the log files.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
