Linked by Thom Holwerda on Tue 26th Dec 2006 12:25 UTC, submitted by Ravi
Privacy, Security, Encryption
"A rootkit is a collection of tools a hacker installs on a victim computer after gaining initial access. It generally consists of network sniffers, log-cleaning scripts, and trojaned replacements of core system utilities such as ps, netstat, ifconfig, and killall. I know of two programs which aid in detecting whether a rootkit has been installed on your machine. They are Rootkit Hunter and Chkrootkit."
Thread beginning with comment 196696
RE: Another way: use rpm
by Soulbender on Thu 28th Dec 2006 02:39 UTC in reply to "Another way: use rpm"

"To go totally undetected, a rootkit would also have to replace the rpm command."

Not at all, it just has to make rpm think that there are no modified files. Modifying the rpm database isn't hard once you have root.

Score: 2
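Added example, not part of the original thread and not rpm's own code: a small Python model of the point made in the comment above, showing why a verification database that root can rewrite cannot vouch for the files it describes, while a copy of the same records kept off the host still flags the change. The file name, the manifest format and the idea of an off-host copy are assumptions made for illustration; all sample data is constructed.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def digest(path):
    """SHA-256 of a file's contents, hex encoded."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def build_manifest(paths):
    """Record one digest per file; stands in for a package database."""
    return {str(p): digest(p) for p in paths}


def verify(manifest):
    """Return the paths that are missing or no longer match the manifest."""
    changed = []
    for path, expected in manifest.items():
        p = Path(path)
        if not p.is_file() or digest(p) != expected:
            changed.append(path)
    return sorted(changed)


def demo():
    """Compare an on-host manifest with an off-host copy after tampering."""
    with tempfile.TemporaryDirectory() as root:
        binary = Path(root) / "ps"  # constructed stand-in for a system utility
        binary.write_bytes(b"original ps build\n")

        local_db = build_manifest([binary])         # lives on the host, writable by root
        offline = json.loads(json.dumps(local_db))  # assumed copy on read-only or remote storage

        # Constructed tampering: the file is replaced and the on-host
        # record is rewritten to match, as the comment describes.
        binary.write_bytes(b"replaced ps build\n")
        local_db[str(binary)] = digest(binary)

        local_report = [Path(p).name for p in verify(local_db)]
        offline_report = [Path(p).name for p in verify(offline)]
        return local_report, offline_report


if __name__ == "__main__":
    local_report, offline_report = demo()
    print("on-host database reports:", local_report)
    print("off-host baseline reports:", offline_report)
```

The on-host check comes back clean because the record it trusts was changed along with the file; only the baseline that the host could not write to reports the modified file.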