Saturday

Madhans Tutorial : Firewall (What is RootKit)


What is Root Kit (or Rootkit)?

Kit means a set of programs or a set of tools. A rootkit is a MALICIOUSLY MODIFIED set of tools used to get ROOT access on the Unix operating system (and other operating systems).

Once the hacker has replaced the original administrative tools on a computer with a rootkit, he is able to access the root prompt and to conceal his activities from the legitimate administrator.

How does the hacker install the rootkit?

He may have physical access to the computer.

He may exploit a security vulnerability in the system.

Rootkits exist for a variety of operating systems, such as Microsoft Windows, Linux, Mac OS, and Solaris. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

What information can hackers steal using this rootkit?

  • Hackers can conceal certain processes from monitoring programs.
  • They can hide files or system data.
  • They can install a back door in your system by replacing the login mechanism with an executable that accepts a secret login combination which, in turn, allows an attacker to access the system, regardless of the changes to the actual accounts on the system. (courtesy: wiki)
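
Because a rootkit works by replacing the original administrative tools (and, for the back door above, the login executable), an administrator can detect the replacement by comparing each tool against a fingerprint recorded while the system was known to be clean. The following is an added example, not part of the original post; the tool paths in it are assumptions and should be adjusted per system.

```python
import hashlib
import os
import stat


def fingerprint(path):
    """Return (SHA-256 hex digest, permission bits) for one file."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    # S_IMODE keeps the setuid/setgid/sticky bits as well as rwx bits.
    return digest.hexdigest(), stat.S_IMODE(os.stat(path).st_mode)


def build_baseline(paths):
    """Record fingerprints while the system is known to be clean."""
    return {p: fingerprint(p) for p in paths}


def compare_to_baseline(baseline):
    """Return {path: reason} for every tool that no longer matches."""
    findings = {}
    for path, (old_hash, old_mode) in baseline.items():
        if not os.path.isfile(path):
            findings[path] = "missing"
            continue
        new_hash, new_mode = fingerprint(path)
        if new_hash != old_hash:
            findings[path] = "content changed"
        elif new_mode != old_mode:
            findings[path] = "permissions changed"
    return findings


if __name__ == "__main__":
    # Assumed list of administrative tools to watch (not from the post).
    candidates = ("/bin/ls", "/bin/ps", "/bin/login", "/bin/netstat")
    tools = [p for p in candidates if os.path.isfile(p)]
    baseline = build_baseline(tools)  # in practice: saved earlier, off-host
    for path, reason in compare_to_baseline(baseline).items():
        print(f"ALERT {path}: {reason}")
```

Keep the baseline on read-only or off-host storage so it cannot be rewritten along with the tools. A rootkit that installs itself as a driver or kernel module can falsify what this check reads, so run the comparison from trusted boot media when a compromise is suspected.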
