Rootkits
From Computing and Software Wiki
Revision as of 19:26, 9 April 2009
Rootkits are software that provides remote access to a system's resources without the owner's knowledge. Rootkits are available for many different operating systems, including Windows, Linux, Mac OS and others. Rootkits can have both malicious and legitimate uses. Law enforcement and child protection programs use various forms of rootkits to monitor the use of a system. Rootkits have, however, become best known for their use with malicious intent. Hackers can use rootkits to take control of a user's computer and use it for any purpose they wish.
Types of Rootkits
User-Mode
User-Mode rootkits are given administrative privileges on the computer they run on. They are able to modify any files and resources, and they start whenever the computer boots. User-Mode rootkits are the easiest type for rootkit detection software to detect.
Kernel-Mode
User/Kernel Hybrid
Firmware Level
Virtual Level
Examples
Detection
Removal
References
See Also
External Links
--Elesc 14:02, 9 April 2009 (EDT)