

Rootkit

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software.[1] The term rootkit is a compound of "root" (the traditional name of the privileged account on Unix-like operating systems) and the word "kit" (which refers to the software components that implement the tool).[2] The term "rootkit" has negative connotations through its association with malware.[1]

Rootkit installation can be automated, or an attacker can install it after having obtained root or administrator access.[3] Obtaining this access is a result of a direct attack on a system, i.e. exploiting a vulnerability (such as privilege escalation) or a password (obtained by cracking or social engineering tactics like "phishing"). Once installed, a rootkit makes it possible to hide the intrusion as well as to maintain privileged access. Full control over a system means that existing software can be modified, including software that might otherwise be used to detect or circumvent it.

Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternative and trusted operating system, behavior-based methods, signature scanning, difference scanning, and memory dump analysis. Removal can be complicated or practically impossible, especially in cases where the rootkit resides in the kernel; reinstallation of the operating system may be the only available solution to the problem. When dealing with firmware rootkits, removal may require hardware replacement or specialized equipment.
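Difference scanning, one of the detection methods listed above, compares two independent views of the same system state and flags disagreements. The sketch below is an added example, not part of the original article: it assumes a Linux `/proc`, uses illustrative function names, and compares the process and thread IDs that a walk of `/proc` reports with the IDs that answer a direct `kill(pid, 0)` probe.

```python
import os

def listed_ids(proc_root="/proc"):
    """View 1: every PID and thread ID that a walk of /proc reports."""
    ids = set()
    for name in os.listdir(proc_root):
        if not name.isdigit():
            continue
        ids.add(int(name))
        try:
            # kill() also answers for thread IDs, so collect those as well
            tasks = os.listdir(os.path.join(proc_root, name, "task"))
        except OSError:
            continue  # process exited mid-walk, or no task directory
        ids.update(int(t) for t in tasks if t.isdigit())
    return ids

def pid_exists(pid):
    """View 2: ask the kernel directly; signal 0 delivers nothing."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists but belongs to another user
    return True

def probed_ids(max_pid):
    return {pid for pid in range(1, max_pid + 1) if pid_exists(pid)}

def cross_view_diff(listed, probed, recheck=None):
    """IDs the probe sees but the listing omits, optionally re-confirmed."""
    suspects = probed - listed
    if recheck is not None:
        suspects = {pid for pid in suspects if recheck(pid)}
    return sorted(suspects)

def scan(proc_root="/proc"):
    with open(os.path.join(proc_root, "sys/kernel/pid_max")) as f:
        max_pid = int(f.read())
    before = listed_ids(proc_root)
    probed = probed_ids(max_pid)
    after = listed_ids(proc_root)  # second walk absorbs processes started mid-probe
    return cross_view_diff(before | after, probed, recheck=pid_exists)

if __name__ == "__main__":
    for pid in scan():
        print(f"PID {pid} answers kill(pid, 0) but is absent from /proc")
```

A reported ID is a lead to investigate, not proof, since a process can still start after the second walk. Both views query the running kernel, so a kernel-resident rootkit can falsify both, which is why the alternative trusted operating system and memory dump analysis appear in the same list.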

  1. Cite error: The named reference McAfee1 was invoked but never defined.
  2. Evancich, N.; Li, J. (2016-08-23). "6.2.3 Rootkits". In Colbert, Edward J. M.; Kott, Alexander (eds.). Cyber-security of SCADA and Other Industrial Control Systems. Springer. p. 100. ISBN 9783319321257 – via Google Books.
  3. "What is Rootkit – Definition and Explanation". www.kaspersky.com. 2021-04-09. Retrieved 2021-11-13.
