Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Keep The TechnoWorldInc.com Community Clean: Read Guidelines Here.
Recent Updates
[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[November 08, 2024, 04:31:03 PM]

[October 17, 2024, 05:05:06 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[October 17, 2024, 04:53:18 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   MegaPixelShop
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Ethical Hacking / Security / Viruses » Viruses
 Rootkits - Hidden Hazards on Your System
Pages: [1]   Go Down
  Print  
Author Topic: Rootkits - Hidden Hazards on Your System  (Read 768 times)
Daniel Franklin
TWI Hero
**********


Karma: 3
Offline Offline

Posts: 16647


View Profile Email
Rootkits - Hidden Hazards on Your System
« Posted: September 29, 2007, 03:25:37 PM »




If you're concerned about security on your computer network, there's a new word to add to your vocabulary - rootkit. A rootkit is a set of utilities installed on your computer whose purpose is to hide what other programs are doing. They've been around for a few years, but they didn't really hit the security spotlight until November 2005. That was when researchers discovered that some CDs from Sony were installing a rootkit on user computers as part of their DRM (Digital Rights Management) software. The purpose of the rootkit was to prevent the DRM software from being detected and uninstalled - but there was an unintended side effect. The rootkit opened a security hole on those computers that couldn't be detected by standard security software, and left them vulnerable to attacks by malicious software and hackers.

That's bad news for users and IT professionals who depend on virus and spyware detection programs to alert them to an invader on their networks. Generally, when you're computer is infected by spyware or malware , it can be detected by monitoring your computer activity. You can check the running processes and find programs that shouldn't be loaded. You can run a virus or spyware scanner to find registry keys and files that fit certain patterns. You can monitor activity coming in over a network.

A rootkit makes all of those defenses worthless by hiding the keys, files, processes and communications from your computer operating system. What your computer can't see, it can't report and you can't fix. The methods used to hide the files and processes vary and are getting more and more sophisticated. Most do it by 'hooking' into a process that Windows expects to find running, either by replacing the process files, or by adding itself into them.

With the rootkit in place, the hacker has a virtual backdoor into your system. He can read your keystrokes, record passwords, gather information from your network and change your data and files. A hacker with access to your system through a rootkit can reinstall hacking programs, access your accounts and your users' accounts and wreak general havoc. It's the ultimate Trojan backdoor.

Once a rootkit is installed, it's virtually impossible to detect and remove. When a virus detection or spyware program runs, they don't see the rootkit processes - they see the process that's cloaking it. Some may alter their own files with the details and stats associated with the files that they're replacing so that operating systems don't notice a difference. A sysadmin who is an expert in network security may be able to detect it by running system checks from an uninfected machine, but most agree that once a rootkit has been installed, the only way to be sure you've removed it is to wipe the drive clean and install the operating system.

Because rootkits don't install themselves, you can block them by blocking attempts to penetrate your network. One way to effectuate this is to install a spyware or malware protection program to help prevent rootkits from being installed at the server level or on individual desktops. The key is to practice excellent network security at all times so that you block the programs that install rootkits.

Article Provided By: http://spyware-removal.thrcomputer.com

Articles Source - Free Articles

Logged

Pages: [1]   Go Up
  Print  
 
Jump to:  

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Page created in 0.146 seconds with 24 queries.