
Rootkits: Hidden Hazards on Your System

If you're concerned about security on your computer network, there's a new word to add to your vocabulary: rootkit. A rootkit is a set of utilities installed on your computer whose purpose is to hide what other programs are doing. They've been around for a couple of years, but they didn't really hit the security spotlight until November 2005. That was when researchers discovered that some CDs from Sony were installing a rootkit on users' computers as part of their DRM (Digital Rights Management) software. The purpose of the rootkit was to prevent the DRM software from being detected and uninstalled, but there was an unintended side effect. The rootkit opened a security hole on those computers that couldn't be detected by standard security software, and left them vulnerable to attacks by malicious software and hackers.

That's bad news for users and IT professionals who rely on virus and spyware detection programs to alert them to an invader on their networks. Normally, when your computer is infected by spyware or malware, it can be detected by monitoring your computer's activity. You can check the running processes and find programs that shouldn't be loaded. You can run a virus or spyware scanner to find registry keys and files that match certain patterns. You can monitor activity coming in over a network.

A rootkit makes all of those defenses worthless by hiding the keys, files, processes and communications from your computer's operating system. What your computer can't see, it can't report and you can't fix. The methods used to hide the files and processes vary and are getting more and more sophisticated. Most do it by hooking into a process that Windows expects to find running, either by replacing the process files or by adding itself into them.

With the rootkit in place, the hacker has a virtual backdoor into your system. He can read your keystrokes, record passwords, gather information from your network and change your data and files. A hacker with access to your system through a rootkit can reinstall hacking programs, access your accounts and your users' accounts, and wreak general havoc. It's the ultimate Trojan backdoor.

Once a rootkit is installed, it's practically impossible to detect and remove. When a virus detection or spyware program runs, it doesn't see the rootkit processes; it sees the process that's cloaking them. Some rootkits may alter their own files with the details and stats of the files they're replacing so that the operating system doesn't notice a difference. A sysadmin who is an expert in network security may be able to detect one by running system checks from an uninfected machine, but most agree that once a rootkit has been installed, the only way to be sure you've removed it is to wipe the drive clean and reinstall the operating system.
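
The check from an uninfected machine described above can be expressed as a cross-view comparison. The following is an added example, not part of the original article: it compares the file listing the suspect system reports about itself with a listing of the same disk taken from a clean machine, and checks content hashes because matching size and timestamp prove nothing. It assumes a known-good baseline manifest was recorded earlier; all function names, paths and sample data are constructed for illustration.

```python
import hashlib
import os

def snapshot(root):
    """Map relative path -> (size, mtime, sha256) for each file under root.
    Run this from the clean machine against the suspect disk mounted at root."""
    view = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            st = os.stat(full)
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            view[rel] = (st.st_size, int(st.st_mtime), digest)
    return view

def cross_view(live, trusted, baseline):
    """live: listing reported by the suspect OS; trusted: listing of the same
    disk from a clean machine; baseline: known-good manifest (an assumption)."""
    # On disk according to the clean machine, but not reported by the suspect OS.
    hidden = sorted(set(trusted) - set(live))
    # Same size and timestamp as the known-good file, different content:
    # a replacement carrying the original's stats.
    disguised = sorted(
        path for path, (size, mtime, digest) in trusted.items()
        if path in baseline
        and baseline[path][:2] == (size, mtime)
        and baseline[path][2] != digest
    )
    return hidden, disguised

def rec(content, mtime):
    """Build one manifest record from constructed file content."""
    return (len(content), mtime, hashlib.sha256(content).hexdigest())

# Constructed sample data: every path, timestamp and content is made up.
BASELINE = {"system32/svc_example.dll": rec(b"original!", 1130000000),
            "system32/notes.txt": rec(b"hello", 1130000500)}
TRUSTED = {"system32/svc_example.dll": rec(b"replaced!", 1130000000),
           "system32/notes.txt": rec(b"hello", 1130000500),
           "system32/drivers/cloak_example.sys": rec(b"driver", 1131000000)}
LIVE = {p: r for p, r in TRUSTED.items() if "cloak_example" not in p}

if __name__ == "__main__":
    print(cross_view(LIVE, TRUSTED, BASELINE))
```

A file that appears only in the trusted listing is being hidden from the running system, and a file whose size and timestamp match the baseline while its hash does not is the stat-copying replacement the paragraph describes.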

Because rootkits don't install themselves, you can block them by blocking attempts to penetrate your network. One way to accomplish this is to install a spyware or malware protection program to help prevent rootkits from being installed at the server level or on individual desktops. The key is to practice good network security at all times so that you block the programs that install rootkits.

Saved by digna summers

on Mar 06, 13