The Linux Threat: Rootkits and how to remove them

Discussion in 'all things UNIX' started by Jav, Sep 15, 2010.

Thread Status:
Not open for further replies.
  1. Jav

    Jav Guest

  2. chronomatic

    chronomatic Registered Member

    Apr 9, 2009
    What the guy doesn't tell you is that you have to already be compromised through some other means in order for an attacker to install a rootkit. A rootkit is just a tool attackers use to maintain access to a rooted box and to cover their tracks. It is nothing like a virus in the sense of being the tool used to compromise a machine. It is only a tool after the fact.

    The best way to avoid rootkits is not to install them and to make sure an attacker cannot install them. All the scanners in the world are completely worthless since any attacker who has root can merely disable the scanner and/or write his own rootkit that isn't detected.