Language Selection

English French German Italian Portuguese Spanish

Rootkit levels of infection and mitigation

Filed under
HowTos

Hackers don many disguises in order to sneak past IT security guards. The rootkit, one of the most effective disguises, not only masks the intruder, but covers his trail.

The rootkit's origins are deeply rooted in early methods of "backdooring" Unix-based workstations and servers. Current examples encompass a variety of functions and features that further improve upon existing methods (where they don't redefine them outright). Today, the term rootkit is divorced from operating system dependency. While a strong security implementation can help mitigate the effectiveness of rootkit installation, removal of such malware is -- unfortunately -- an inexact science, and usually requires a drive format and full re-installation of the original operating system to ensure a clean and proper restoration.

Understanding this basic principle illustrates precisely why attempts to remove a determined rootkit can be impractical. The very tools used to identify such threats are susceptible to direct manipulation by these threats. One such popular tool used for rootkit detection is chkrootkit[1], which can currently identify 60 known Linux-based rootkits.

Full Story.

More in Tux Machines

Distro Development: Rescatux and Bodhi

  • Rescatux 0.40 beta 9 released
    Many code in the grub side and in the windows registry side has been rewritten so that these new features could be rewritten. As a consequence it will be easier to maintain Rescapp. Finally the chntpw based options which modify the Windows registry now perform a backup of the Windows registry files in the unlikely case you want to undo some of the changes that Rescapp performs. I guess that in the future there will be a feature to be able to restore such backups from Rescapp itself, but, let’s focus on releasing an stable release. It’s been a while since the last one. UEFI feedback is still welcome. Specially if the Debian installation disks work for you but not the Rescatux ones.
  • Bodhi 4.0.0 Updates and July Donation Totals
    Late last month I posted a first alpha look at Bodhi 4.0.0. Work since then has been coming along slowly due to a few unpredictable issues and my own work schedule outside of Bodhi being hectic over the summer. Bodhi 4.0.0 will be happening, but likely not with a stable release until September. I am traveling again this weekend, but am hoping to get out a full alpha release with 32bit and non-PAE discs next week.

Devices and Android

Leftovers: BSD/LLVM

Emma A LightWeight Database Management Tool For Linux

Today who does not interact with databases and if you're a programmer then the database management is your daily task. For database management, there is a very popular tool called, MySQL Workbench. It's a tool that ships with tonnes of functionalities. But not all of us as beginner programmers use all Workbench features. So here we also have a very lightweight database manager in Linux, Emma. Read
more