rootkits explained

Printable View

July 17th, 2002, 02:32 PM
roswell1329

rootkits explained

For those of you just starting out in *nix security, I ran across a great article that goes over the purpose and use of rootkits by crackers, and some of the most common commands that have been used to trojan a rootshell. It's an older article (1999), but still has some great explanations. It will give you a heads up as to what crackers will likely be attempting to do (if they want to cover their tracks) if they gain access to your system:

http://www.usenix.org/publications/l.../rootkits.html
July 17th, 2002, 05:57 PM
dAggressor

Pretty good article. Sadly I had to learn this information the hard way. When someone hacked an exploitables version of openssh on my system and installed a rootkit to hide the fact. Luckily he didn't clean the .bash_history file so I just tracked the commands and found all the files and logs used. A good reason to not only check your syslog (messages on linux) but also check your history file routinely.

dAggressor

All times are GMT +1. The time now is 06:55 PM.