Linux Server Rootkit
Introduction
A rootkit is a set of software tools used by an intruder to break into a computer and obtain root privileges in order to perform unauthorized functions, such as hiding traces of its existence and exploiting its system-wide access (Russell Kay, 2006). This software kit is a very dangerous tool for manipulating a server system: by gaining access to the system's root directory and the unlimited power that goes with that access, an intruder can use it to destroy the system by planting malicious software such as a Trojan horse or spyware.
Generally, the intruder first gains normal user-level access to a network, either by guessing or stealing a password or by taking advantage of some known vulnerability, and then accesses a server system. He then finds the user identities and access codes for other machines on the network while simultaneously deleting all evidence of his activities.
The rootkit may have been installed as a result of user actions, such as visiting bad web pages or clicking phishing links, which open the way to privilege escalation and deeper access to the kernel, thus enabling installation of the intruder's rootkit software (Deb Radcliff, 2008).
The countermeasures that can be used to check for rootkit modifications are as follows: first and foremost, find out where rootkits hide, what they are hiding and how you can stop them, using the McAfee(R) Rootkit Detective cleaner.
BackTrack is the best forensic investigation tool, since with it you can investigate from the deepest causes to the shallow evidence, which lets you work through the problem from complex to easy situations and so complete the whole process successfully. Linux systems are not easily manipulated by intruder software, since their safety codes are more complex to crack than those of Windows software.
References:
Deb Radcliff (2008). How to Root Out Rootkits. Networkworld.com, Vol. 25, Issue 31, pp. 28-30.
Russell Kay (2006). Rootkits. Computerworld, Vol. 40, Issue 5, pp. 36-38.