What Is A Rootkit?

Rootkit Definition

A rootkit is a hidden application designed with the purpose of hiding various operating system and program processes from standard detection techniques, while also allowing administrator or root access to the system. Rootkits are used maliciously in the majority of situations, but they are also used for legitimate purposes as well.

They can be installed through automated techniques and also manually by an attacker once they have privileged access to a system through an Administrator or Root account. Once a rootkit has been installed, it can easily cover it's tracks, while maintaining privileged access to operating system processes and files.  There are many types of rootkits in use today and they include,

  1. User mode rootkits
  2. Kernal mode rootkits
  3. Bootkits, which are variants of kernal mode rootkits
  4. Firmware rootkits
  5. Hypervisor level rootkits, which target virtual machine operating systems

Rootkit detection techniques are usually difficult and may require special detection methods. And depending on where the rootkit is embedded, a complete operating system reload may be the only sure approach to removing it from a compromised system. They may also compromise the firmware of hardware components as well.

It support staff protecting a client from the rain

©Smithtechres.com 2013 All Rights Reserved. Website Privacy Policy. Site Map

Share on Twitter Share on Stumble Upon Share on Digg Share on Delicious

Providing cost-effective local computer repair and network support in the middle Tennessee area

Remote Access Portal

Remote Access Icon
Home About Us Onsite Services Online Services Self Help Pricing Blog Inquiries