Monday, 16 Jun 2008

Let's Learn About Rootkits

Many kinds of threatening programs can be dangerous to our computer systems today. Viruses, worms and trojans can all attack a system. So what is a rootkit? A rootkit is a program, or a combination of several programs, designed to take fundamental control of a computer system: "root" access in UNIX terms, "Administrator" access in MS Windows terms (Wikipedia). It can access the system without any authorization from the system's owners, the reset switch being one example. Rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often their processes are hidden from process monitoring, which makes them difficult to find.

Rootkits may have originated as regular applications intended to take control of a failing or unresponsive system, but in recent years they have largely been malware that helps intruders gain access to systems while avoiding detection. Rootkits exist for a variety of operating systems, such as MS Windows, Mac OS X, Solaris and Linux. They often modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

There are five types of rootkits: firmware, virtualized, library, kernel and application level.

How do we detect them?
Rootkits can be detected with a signature-based or heuristics-based antivirus program. Usually they are detected by scanning all the modules of any programs that are running, including those running in invisible window mode.
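One heuristic for the hidden processes mentioned above is a cross-view check: compare what the normal process listing shows with what the kernel answers when each ID is probed directly. The sketch below is an added example, not code from this post or from any antivirus product; it goes beyond the post by assuming a Linux host with `/proc`, and the sample PID sets are constructed.

```python
import os
import sys

def listed_ids(proc="/proc"):
    """IDs the normal listing shows: each PID in /proc plus its thread IDs."""
    ids = set()
    for name in filter(str.isdigit, os.listdir(proc)):
        ids.add(int(name))
        try:
            ids.update(int(t) for t in os.listdir(f"{proc}/{name}/task"))
        except OSError:
            pass  # process exited while we were reading it
    return ids

def is_alive(pid):
    """Ask the kernel directly: signal 0 delivers nothing, it only checks existence."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        pass  # exists, but belongs to another user
    return True

def find_hidden(max_pid, list_ids=listed_ids, alive=is_alive, passes=2):
    """IDs that answer a probe but are absent from the listing in every pass."""
    suspects = None
    for _ in range(passes):
        listed = list_ids()
        found = {p for p in range(1, max_pid + 1) if p not in listed and alive(p)}
        found -= list_ids()  # drop processes that started after the first snapshot
        suspects = found if suspects is None else suspects & found
    return sorted(suspects)

# Constructed sample data: the listing omits PID 1337, which still answers a probe.
SAMPLE_LISTED = {1, 2, 40, 41}
SAMPLE_ALIVE = {1, 2, 40, 41, 1337}

def demo():
    return find_hidden(2000, lambda: SAMPLE_LISTED, lambda p: p in SAMPLE_ALIVE)

if __name__ == "__main__":
    print("constructed sample:", demo())
    if sys.platform.startswith("linux"):  # signal-0 probing is POSIX behaviour
        with open("/proc/sys/kernel/pid_max") as f:
            print("this host:", find_hidden(int(f.read()) - 1))
```

An empty result on a live host only means this one view was consistent; a rootkit that also filters the probe path would not show up here.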

