The Linux Threat: Rootkits and how to remove them

Discussion in 'all things UNIX' started by Jav, Sep 15, 2010.

Thread Status:
Not open for further replies.
  1. Jav

    Jav Guest

    Jav, Sep 15, 2010
    #1
  2. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    What the guy doesn't tell you is that you have to already be compromised through some other means in order for an attacker to install a rootkit. A rootkit is just a tool attackers use to maintain access to a rooted box and to cover their tracks. It is nothing like a virus in the sense of being the tool used to compromise a machine. It is only a tool after the fact.

    The best way to avoid rootkits is not to install them and to make sure an attacker cannot install them. All the scanners in the world are completely worthless since any attacker who has root can merely disable the scanner and/or write his own rootkit that isn't detected.
     
    chronomatic, Sep 15, 2010
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...