Presentation is loading. Please wait.

Presentation is loading. Please wait.

RootKit By Parrag Mehta OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References.

Published bySylvia Dorsey Modified over 9 years ago

Similar presentations

Presentation on theme: "RootKit By Parrag Mehta OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References."— Presentation transcript:

1

2 RootKit By Parrag Mehta

3 OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References

4 What is a RootKit ? Software that allows continued privilege access to a computer system without the system users knowledge. RootKit comes from “Root” – UNIX administrator account and “Kit” – Software components that implement the tool.

5 INSTALLATION Exploit Security Vulnerabilities Cracking a Password Trick user into executing malicious code Social Engineering – Malware is beneficial

6 TYPES Persistent – Activated every time system starts up Non-persistent – Not capable of running again on system start up Way in which they execute – User Mode – Kernel Mode

7 How do RootKits work ? RootKits use a simple concept called “Modification” Some places where modifications can be made in the software: – Patching – Easter Eggs – Spyware Modifications – Source-Code Modifications – Legality of Software Modifications

8 DETECTION Alternative trusted medium Behavioral-based Signature-based Difference-based Integrity-based Memory Dump

9 REMOVAL Re-install OS from trusted media – Highly recommended – Re-install from scratch Anti-virus software – Malicious software removal tool – AVG Pro – SpySweeper

10 PREVENTION Use Anti-virus Software Install a Firewall Use good passwords Keep Software up to date Follow good security practices

11 CONCLUSION Thus, we have seen what Rootkits are, how they work, how can they be detected and removed and also what are the prevention mechanisms. We also conclude that there is no concrete method to detect and remove RootKits.

12 REFERENCES http://en.wikipedia.org/wiki/Rootkit#cite_not e-48 http://en.wikipedia.org/wiki/Rootkit#cite_not e-48 http://www.bestsecuritytips.com/xfsection+ar ticle.articleid+122+page+1.htm http://www.bestsecuritytips.com/xfsection+ar ticle.articleid+122+page+1.htm http://www.informit.com/articles/article.aspx ?p=408884&seqNum=5 http://www.informit.com/articles/article.aspx ?p=408884&seqNum=5

13 THANK YOU

Download ppt "RootKit By Parrag Mehta OUTLINE What is a RootKit ? Installation Types How do RootKits work ? Detection Removal Prevention Conclusion References."

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.

1 Computer and Internet Security JCCAA Presentation 03/14/2009 Yu-Min (Phillip) Hsieh Sr. System Administrator Information Technology Rice University.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
Module 2.2 Security, legal and ethical issues Theme: Finding solutions.

Module 2.2 Security, legal and ethical issues Theme: Finding solutions.
Rootkit Definition A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a.

Rootkit Definition A rootkit is a collection of tools (programs) that enable administrator-level access to a computer or computer network. Typically, a.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.

ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
Students: Jacek Czeszewski and Marcos Verdini Rosa Professor: José Manuel Magalhães Cruz.

Students: Jacek Czeszewski and Marcos Verdini Rosa Professor: José Manuel Magalhães Cruz.
Malwares – Types & Defense Raghunathan Srinivasan Sept 25, 2007 CSE 466/598 Computer Systems Security.

Malwares – Types & Defense Raghunathan Srinivasan Sept 25, 2007 CSE 466/598 Computer Systems Security.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
By Joshua T. I. Towers. 13.3 $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.

By Joshua T. I. Towers $13.3 billion was the direct cost of malware for business in 2006 “direct costs are defined as labor costs to analyze, repair.
Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.

Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA 92697 USA

How You Can Protect Yourself from Cyber-Attacks Ian G. Harris Department of Computer Science University of California Irvine Irvine, CA USA
Chapter 4 Application Security Knowledge and Test Prep

Chapter 4 Application Security Knowledge and Test Prep
ROOT KITS. Overview History What is a rootkit? Rootkit capabilities Rootkits on windows OS Rootkit demo Detection methodologies Good tools for detection.

ROOT KITS. Overview History What is a rootkit? Rootkit capabilities Rootkits on windows OS Rootkit demo Detection methodologies Good tools for detection.
By: Donny Gray Katrina Winters Deondrick Pina Alex Napper.

By: Donny Gray Katrina Winters Deondrick Pina Alex Napper.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Similar presentations

Ads by Google