Playing around and reading, I thought about creating a "distributed rootkit". Essentially, once you have rootkitted one system, the kit will install itself to other systems, and the process repeats until the whole network it "r00ted" I'm just working out the basics now, but please give me any feedback you may have!

I've though about this much:

1. The computer is broken into (sufficiently enough) to install a rootkit and configure daemons.

2. Set up the rooted computer to be a bootstrap server.

3. One would then poison the router/hub (whatever networking device there is) to make the computers on that part of the network point to our computer as the bootstrap server.

4. Send a command to the computers to restart, and when they ask our bootstrap server for their booting info, we send them the info and our rootkit.

5. The rootkit becomes installed onto those computers, and the process repeats itself through the network.

Notes - there needs to be some kind of check to make sure that a computer is not rebooted if the kit is already installed on it.

- Is there another way other than to keep setting up computers as bootpd's to infect the computer system? Can one set the routers to point the entire network to an infected segment of the hub (that each runs bootpd), thus reducing the number of computers that run bootpd?

I'm not completely sure whether this would be the way to go about installing rootkits, but hey, maybe you have some better ideas

-Lone1337

PS. If you got 'em, keep the wise-@$$ comments to yourself