PC Security: Rootkits

A rootkit is not a new product that you will find in
the hair care department of your local discount store. A rootkit is something
that is used by malicious hackers to delve into your root file system.

Before programmers are able to write virus definitions for viruses, they
must know that the virus exists, and they must have a copy of that virus
on a computer to see how it operates. To identify a virus on a machine, that
virus must meet two requirements: it must be listed in the virus definition
file, and the virus file must be visible to the virus scanner. If the virus
has a file named the same as a root system file, the virus scanner would
likely ignore it.

A rootkit is a type of virus - and the most dangerous one to date. It hides
virus files in the system, so that virus scanners either can't find it, or
don't recognize it as a virus. A rootkit will prevent the virus files from
showing up in Windows Explorer as well, and choosing the 'show hidden files'
option won't help. They don't even show as running processes in the task
manager. They are like the wind - present, but not seen.

Believe it or not, a reputable company started the entire mess. Sony was
using rootkits back in 2005 to protect their software from being copied.
The rootkits hid the files that were used for copy protection. Of course,
it didn't take long for hackers to find this code and use it to their advantage.
You see, any file that begins with $sys$ is invisible to the naked eye on
your system.

Naturally, creators of viruses started making their own rootkits. These rootkits
were distributed to other hackers, who in turn distributed them via viruses
that had various payloads as well. Rootkits were delivered with these viruses
in the usual way - through email attachments and downloads.

Think about your own virus scans. Do you take the time to have the software
scan the boot sector of your hard drive? If not, you should. Some rootkits
can hide in the boot sector. This means that the rootkit loads every time
you reboot your system. A rootkit can even hide from itself! When it is in
the boot sectors, it can take over the operating system's kernel, which is
a program that controls the basic functions of the
hardware. Once it has that control, it has effectively taken full control
of your system, and even higher level operating system programs won't detect
it.

Fortunately, vendors are working on software that will effectively combat
rootkits. Currently, you can get RootkitRevealer, which was created by
Sysinternals, for free. It isn't perfect, but it's a start.
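
A common way for detection software to find files hidden like this is cross-view comparison: list the files through the running operating system, list them again from a source the rootkit cannot filter, and report what only the second list contains. The Python below is an added example, not code from this article or from any tool it names; the `Entry` and `cross_view_diff` names, the file paths and the timestamps are all constructed for illustration.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

HIDE_PREFIX = "$sys$"  # name prefix the article says is hidden from view

@dataclass(frozen=True)
class Entry:
    path: str   # full Windows path
    mtime: int  # last-modified time, seconds since epoch

def cross_view_diff(api_view, raw_view, scan_start):
    """Report entries the raw view contains but the API view does not.

    api_view   -- listing taken through the running OS (what Explorer sees)
    raw_view   -- listing taken from a trusted source, e.g. an offline scan
    scan_start -- time the API listing began; later changes are not suspicious
    """
    visible = {e.path.casefold() for e in api_view}  # Windows paths ignore case
    findings = []
    for e in raw_view:
        if e.path.casefold() in visible:
            continue
        parts = PureWindowsPath(e.path).parts
        if e.mtime >= scan_start:
            reason = "changed-during-scan"  # probably a race: scan again
        elif any(p.casefold().startswith(HIDE_PREFIX) for p in parts):
            reason = "hidden-known-prefix"
        else:
            reason = "hidden"
        findings.append((e.path, reason))
    return sorted(findings)

# Constructed sample listings (not taken from a real machine).
SCAN_START = 1_700_000_000
API_VIEW = [
    Entry(r"C:\Windows\System32\kernel32.dll", 1_600_000_000),
    Entry(r"C:\Users\alice\notes.txt", 1_690_000_000),
]
RAW_VIEW = API_VIEW[:1] + [
    Entry(r"c:\users\ALICE\notes.txt", 1_690_000_000),      # same file, other case
    Entry(r"C:\Windows\System32\$sys$example.dat", 1_650_000_000),
    Entry(r"C:\Windows\Temp\svc_helper.bin", 1_640_000_000),
    Entry(r"C:\Users\alice\download.tmp", 1_700_000_050),   # written mid-scan
]

if __name__ == "__main__":
    for path, reason in cross_view_diff(API_VIEW, RAW_VIEW, SCAN_START):
        print(f"{reason:22} {path}")
```

The raw listing is only trustworthy if it is produced without going through the running system's file APIs, for example from a clean boot medium.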