


L43 SA AMF h1_src=DOS.[Rootkit].dll


THIS DINOSAUR IS DEAD! (Its picture is no longer available.)


Name: h1_src=DOS.[Rootkit].dll
Species: Herrerasaurus
Gender: Female
Age: Dead
Owner: UnwrittenTale (#3511)
Breeder: UnwrittenTale (#3511)
Notes
~ {Rootkit} ~

Source: Wikipedia

The first documented computer virus to target the personal computer marketplace, discovered in 1986, used cloaking techniques to hide itself: the Brain virus intercepted attempts to read the boot sector, and redirected these to elsewhere on the disk, where a copy of the original boot sector was kept.[1] Over time, DOS-virus cloaking methods became more sophisticated, with advanced techniques including the hooking of low-level disk INT 13H BIOS interrupt calls to hide unauthorized modifications to files.[1]

Rootkits and their payloads have many uses:

Provide an attacker with full access via a backdoor, permitting unauthorized access in order to, for example, steal or falsify documents. One of the ways to carry this out is to subvert the login mechanism, such as the /bin/login program on Unix-like systems or GINA on Windows. The replacement appears to function normally, but also accepts a secret login combination that allows an attacker direct access to the system with administrative privileges, bypassing standard authentication and authorization mechanisms.

Conceal other malware, notably password-stealing key loggers and computer viruses.[17]

Appropriate the compromised machine as a zombie computer for attacks on other computers. (The attack originates from the compromised system or network, instead of the attacker's system.) "Zombie" computers are typically members of large botnets that can launch denial-of-service attacks and distribute e-mail spam.

Enforcement of digital rights management (DRM).

In some instances, rootkits provide desired functionality, and may be installed intentionally on behalf of the computer user:

Conceal cheating in online games from software like Warden.[18]

Detect attacks, for example, in a honeypot.[19]

Enhance emulation software and security software.[20]

Alcohol 120% and Daemon Tools are commercial examples of non-hostile rootkits used to defeat copy-protection mechanisms such as SafeDisc and SecuROM. Kaspersky antivirus software also uses techniques resembling rootkits to protect itself from malicious actions. It loads its own drivers to intercept system activity, and then prevents other processes from doing harm to itself. Its processes are not hidden, but cannot be terminated by standard methods (they can be terminated with Process Hacker).

Anti-theft protection: Laptops may have BIOS-based rootkit software that will periodically report to a central authority, allowing the laptop to be monitored, disabled or wiped of information in the event that it is stolen.[21]

Bypassing Microsoft Product Activation.[22]