Kernel rootkits explained
The tricks black hats use to get access to systems usually leave a lot of traces on the attacked system, that are bound to be noticed by the local system administrator. Wouldn't it be great for a hacker to re-enter a network or a single host without leaving a trace? Isn't this a system admins worst nightmare? If a hacker installed a rootkit, he could re-enter and use the compromised system without leaving a trace. In a worst case scenario the black hat holds the entire network hostage using it for illegal activities. In this article the basics of ‘rootkitting’ will be explained, and how you can protect yourself against them.
[ Read more ]