Linux Today: Linux News On Internet Time.

ZDNet Australia: Threats Move Beyond Linux to Windows

Dec 11, 2002, 08:30 (8 Talkback[s])

[ Thanks to Bojan Smojver for this link. ]

"UNIX admins have been dealing with rootkits since the early 1990s, when the first ones to be discovered were exploiting SunOS 4 machines. Now, Windows admins must get up to speed, because rootkits are also being used to attack Windows NT and 2000 systems.

"Hackers can obtain user-level security privileges and install a rootkit, which is basically a collection of tools, to compromise a system or network. The rootkit will exploit a known system vulnerability or crack a password for a user with administrator-level privileges and will then cover the hacker's tracks, making them difficult to detect. The best way to protect your network against rootkits is to know how they work and what type of damage they can do.

"One of the primary purposes of a rootkit is to allow an attacker unfettered and undetected access to a compromised system at some point in the future. One way that a rootkit can do this is by installing a backdoor process or by replacing one or more of the files that run the normal connection processes, such as telnet or ssh. Within the Linux platforms, most rootkits also replace some system commands such as ls, ps, netstat, and who..."

Complete Story

Related Stories: