Rootkits. Students: Jacek Czeszewski and Marcos Verdini Rosa Professor: José Manuel Magalhães Cruz. Introduction How a rootkit works Detection Preventing and Removing Attack damage References. 1. Introduction.
Marcos Verdini Rosa
Professor: José Manuel Magalhães Cruz
A rootkit is a suite of one or more programs that allows a third party to hide files and activities from the administrator of a computer system.
The original intent of rootkits (1996) appears to have centered simply on hiding programs that would allow an attacker to “sniff” or spy on traffic going to and from a computer system.
Windows Boot Process
Hooking and Patching
3.2 File Integrity Monitoring
Enterprise and Government