
Thread: rootkits explained

  1. #1
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    rootkits explained

    For those of you just starting out in *nix security, I ran across a great article that goes over the purpose and use of rootkits by crackers, and some of the most common commands that have been used to trojan a rootshell. It's an older article (1999), but still has some great explanations. It will give you a heads up as to what crackers will likely be attempting to do (if they want to cover their tracks) if they gain access to your system:

    http://www.usenix.org/publications/l.../rootkits.html
    /* You are not expected to understand this. */

  2. #2
    Member
    Join Date
    Jul 2001
    Posts
    62
    Pretty good article. Sadly, I had to learn this information the hard way, when someone hacked an exploitable version of OpenSSH on my system and installed a rootkit to hide the fact. Luckily he didn't clean the .bash_history file, so I just tracked the commands and found all the files and logs used. A good reason to not only check your syslog (messages on Linux) but also check your history file routinely.

    dAggressor

    It's a long life, until you die
