Rootkit In Computer Terms?

1
ROOTKIT IN COMPUTER TERMS?
2
POINTS OF DISCUSSION
What is rootkit? History of rootkit What can a
rootkit do? How can a rootkit get on my
computer? What are the types of rootkit?
3
WHAT IS ROOTKIT?

• A rootkit is a collection of computer software,
  typically malicious, designed to enable access
  to a computer or an area of its software that is
  not otherwise allowed (for example, to an
  unauthorized user) and often masks its existence
  or the existence of other software.

4
(No Transcript)
5
HISTORY OF ROOTKIT
The term rootkit or root kit originally referred
to a maliciously modified set of administrative
tools for a Unix-like operating system that
granted "root" access. If an intruder could
replace the standard administrative tools on a
system with a rootkit, the intruder could obtain
root access over the system whilst
simultaneously concealing these activities from
the legitimate system administrator.
6
The Greek wiretapping case of 200405, also
referred to as Greek Watergate,involved the
illegal telephone tapping of more than 100
mobile phones on the Vodafone Greece network
belonging mostly to members of the Greek
government and top-ranking civil servants. The
taps began sometime near the beginning of August
2004 and were removed in March 2005 without
discovering the identity of the perpetrators.
7
WHAT CAN A ROOTKIT DO?
Rootkits grant attackers full control over a
system, which means they can modify existing
software at willparticularly the software
designed to detect its presence. As a result,
rootkit detection is difficult since the software
responsible for detecting it is often usurped or
blinded by an attack.
8
HOW CAN A ROOTKIT GET ON MY COMPUTER?
Rootkits can infiltrate a PC or any computer just
like regular malware, through infected links and
websites or by coming bundled with free software.
9
WHAT ARE THE TYPES OF ROOTKIT?
There are different types of rootkits, and they
are classified by the way they infect a targeted
system. Here are the most commonly used
ones Kernel mode rootkit User mode rootkit
Firmware rootkits
10
KERNEL MODE ROOTKIT
These are designed to change the functionality of
an operating system by inserting malware onto
the kernelthe central part of an operating
system that controls operations between hardware
and applications. They pose big threats since
kernels have the highest levels of privileges
within a system.
11
USER MODE ROOTKIT

• These rootkits are executed by acting as ordinary
  user programs. They are sometimes referred to as
  an application rootkit since they operate where
  applications typically run.
• They tend to be easier to deploy but often pose
  less damage than kernel rootkits.

12
FIRMWARE ROOTKIT

• These take advantage of software embedded in a
  systems firmwarerouters, network cards, hard
  driveswhich can allow a rootkit to remain
  hidden for longer since these devices are not
  typically inspected for code integrity.

13
CONTACT US
Email info_at_reasonsecurity.com Website
www.reasonsecurity.com
14
THANK YOU!