Monday, 16 December 2013

This is the first in a series of tutorials that will help you understand rootkits in detail. You are probably here because you are familiar with the term, or have at least heard it. If not, that is fine too; you are welcome. To follow the material in this series, though, you need some basic background in the following:
  • You must be comfortable using Windows computers.
  • You should know, or at least have an idea of, what a firewall and antivirus software do.
  • You have probably encountered viruses or other malware at some point and may have suffered the consequences.
  • You care about internet security and the security of your own computer (this applies whether you are a casual user or a somewhat more advanced one).

Some key terms that you must be familiar with:

  • Hackers: These are not ordinary people messing around with a computer. A common misconception is that all hackers are bad. That is not so, and there is nothing bad about being a hacker; it all depends on what you do with the knowledge you have.
  • Blackhat hackers: These are the people generally described as cyber-criminal "hackers". They put their considerable technical skill and tooling to various malicious purposes. Those purposes vary, and, believe it or not, every one of us has at some point been on the receiving end of an attack by these people, whether we knew it or not.
  • Whitehat hackers: These people, as you might have guessed, are also hackers, but they use their knowledge and tooling to do good.
  • Greyhat hackers: These people sit somewhere between the two.
If you are an avid computer user and keep up with the world of technology, you know that the cyber world is not a calm and peaceful place. It is a battleground where wars are being waged, some won and some lost. In this article we gear up to learn about one of the most powerful weapons the enemy uses: the rootkit.

Staying out of sight, rootkits get behind our lines, compromise the very tools the system uses to report on itself, and in this way open a path for other, more dangerous weapons to be brought in. That may sound impossible to defeat, but fortunately it is not.

Where did Rootkits originate from?

Rootkits emerged from the UNIX world. The name comes from root, the UNIX super-user account: a rootkit was a kit of modified system programs (replacements for ls, ps, netstat, login and the like) that an intruder who had already obtained root installed in order to keep that access, while keeping their activities invisible to the system's legitimate users. This ability to hide attracted attackers, who seized upon it to provide cover for their devious activities.
Run a malware scan on your computer now, and if it turns up a rootkit, you can be sure there are other things lurking inside as well. The real problem is that you will not know what else is present, because the rootkit has concealed it.
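The following is an added example, not code from the original tutorial, showing the two halves of the story above in miniature: how a trojaned `ps` hides a process by filtering it out of its own output, and how the classic cross-view check exposes it by comparing that listing against a second view that probes every possible PID directly instead of trusting the listing tool. The process table, the PIDs and the "bd_shell" backdoor name are all constructed for the demo; the `live_linux_hidden_pids` helper is an assumption about a real Linux host (readdir on /proc versus stat on each /proc/<pid>) and is not exercised by the demo data.

```python
"""How a user-mode rootkit hides a process, and how cross-view detection
finds it. Added example: the process table, PIDs and names below are
constructed, not captured from a real machine."""
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    pid: int
    name: str


# Constructed sample process table, standing in for the kernel's real view.
KERNEL_VIEW = (
    Proc(1, "init"),
    Proc(412, "sshd"),
    Proc(977, "bash"),
    Proc(1337, "bd_shell"),   # constructed backdoor the attacker wants hidden
    Proc(2048, "ps"),
)

# Names the (constructed) trojaned `ps` binary filters out of its output.
ROOTKIT_HIDDEN_NAMES = frozenset({"bd_shell"})


def trojaned_ps(table, hidden=ROOTKIT_HIDDEN_NAMES):
    """Model of a trojaned `ps`: identical to the real one except that it
    drops any entry whose name is on the rootkit's hide list. Everything a
    user sees through this tool looks normal."""
    return [p for p in table if p.name not in hidden]


def brute_force_view(table, pid_max):
    """Model of the low-level view: rather than asking a listing tool, probe
    every candidate PID directly (what kill(pid, 0) or stat("/proc/<pid>")
    does on a real system). The trojaned binary is never consulted."""
    by_pid = {p.pid: p for p in table}
    return [by_pid[pid] for pid in range(1, pid_max + 1) if pid in by_pid]


def cross_view_diff(high_level, low_level):
    """Cross-view detection: anything the low-level probe sees that the
    high-level listing omits is a hidden process. Returns the hidden Procs."""
    visible = {p.pid for p in high_level}
    return [p for p in low_level if p.pid not in visible]


def hidden_processes(table=KERNEL_VIEW, pid_max=4096):
    """Run the whole check over a (constructed) process table."""
    return cross_view_diff(trojaned_ps(table), brute_force_view(table, pid_max))


def live_linux_hidden_pids():
    """Assumed real-host variant for Linux: readdir on /proc (the call a
    user-mode rootkit typically hooks) versus stat on each /proc/<pid>.
    Returns an empty set on a clean machine. Short-lived processes that exit
    between the two passes can show up as false positives, so re-run before
    trusting a hit. Walking the full pid range takes a while."""
    listed = {int(d) for d in os.listdir("/proc") if d.isdigit()}
    with open("/proc/sys/kernel/pid_max") as f:
        pid_max = int(f.read())
    probed = set()
    for pid in range(1, pid_max + 1):
        try:
            os.stat(f"/proc/{pid}")
            probed.add(pid)
        except FileNotFoundError:
            pass
    return probed - listed


if __name__ == "__main__":
    for p in hidden_processes():
        print(f"hidden: pid={p.pid} name={p.name}")
```

On the constructed table the check reports exactly one hidden process, pid 1337 (`bd_shell`). The point to take away is that the detection never trusts the tool the rootkit modified: it builds a second, independent view and looks for the difference.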

Why do rootkits exist?

Like most of the technology we have seen so far, rootkits have both good and bad uses. A rootkit is like a vault or an empty safe: the safe itself is not the issue, what matters is what is put inside it. The things a rootkit can hide take many forms, from a system recovery tool that restores the machine after a crash to a dangerous backdoor Trojan, and the list goes on.

Here are some of the most common malicious purposes a rootkit is used to cover for:

  • Hiding the bot software used to launch DDoS (Distributed Denial of Service) attacks.
  • Hiding the software that sends spam email.
  • Hosting and distributing illegal material, mostly pirated content, without the machine's owner noticing.
  • Acting as spies: some rootkits exist only to conceal a keystroke logger, or a component that inspects data as it travels from one computer to another.

You now have a basic idea of what a rootkit is and of the terms related to it. In the next tutorial we will look at the different methods you can use to resist such attacks and protect your system from malicious rootkits.

Some books that will help you understand rootkits in detail: