Sunday, September 13, 2009

Rootkit

Definition: A rootkit is a program designed to hide not only itself, but also another program and all its associated resources (processes, files, folders, Registry keys, ports and drivers) (Rootkits For Dummies, Larry Stevenson and Nancy Altholz, January 2007).

"Rootkit" is a combination of "root" and "kit". Root refers to the most powerful privilege level in a system, and the kit is a program or utility that helps maintain that root-level access.

Rootkits are available for all systems. They were first developed and used on Unix-like operating systems. In 1999, Greg Hoglund, the owner of rootkit.com, introduced the first rootkit for Windows NT. The discovery of the Sony Digital Rights Management (DRM) rootkit by Mark Russinovich of Sysinternals on October 31, 2005 suddenly thrust rootkits from relative obscurity to a position of prominence.

-to be continued-