Scanning for rootkits with Rootkit Hunter
Rootkits are exceedingly nasty pieces of malware that can definitely ruin your day. They can listen for commands from their masters, steal sensitive data and send it to their masters, or provide an easy-access back door for their masters. They’re designed to be stealthy, with the ability to hide themselves from plain view. Sometimes, they’ll replace utilities such as ls or ps with their own trojaned versions that will show all files or processes on the system except for the ones that are associated with the rootkit. Rootkits can infect any operating system, even our beloved Linux.
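An added example, not from the original text: because a trojaned ps leaves out the rootkit's processes, one check is to compare the PIDs that ps reports with the PID directories the kernel exposes under /proc. The function names and the sample PIDs below are constructed for illustration.

```python
import os
import subprocess

def pids_from_proc(proc_root="/proc"):
    """PIDs the kernel exposes: every all-digit directory under /proc."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def pids_from_ps(ps_cmd="ps"):
    """PIDs the installed ps binary is willing to report."""
    out = subprocess.run([ps_cmd, "-e", "-o", "pid="],
                         capture_output=True, text=True, check=True).stdout
    return {int(tok) for tok in out.split()}

def hidden_pids(proc_view, ps_view):
    """PIDs present in /proc but missing from the ps listing."""
    return set(proc_view) - set(ps_view)

def stable_hidden(snapshots):
    """Keep only PIDs that are hidden in every (proc_view, ps_view) round.

    A process that starts or exits between the two reads looks hidden in
    one round only, so requiring it in all rounds filters that race out.
    """
    rounds = [hidden_pids(proc_view, ps_view) for proc_view, ps_view in snapshots]
    return set.intersection(*rounds) if rounds else set()

# Constructed sample: PID 1337 is never listed by ps, while 2001 and 2050
# are ordinary processes that started between the two reads of one round.
SAMPLE = [
    ({1, 412, 1337, 2001}, {1, 412}),
    ({1, 412, 1337, 2001}, {1, 412, 2001}),
    ({1, 412, 1337, 2001, 2050}, {1, 412, 2001}),
]

if __name__ == "__main__":
    print("constructed sample, hidden PIDs:", sorted(stable_hidden(SAMPLE)))
    if os.path.isdir("/proc/1"):  # live check, only on a Linux host
        live = []
        for _ in range(3):
            ps_view = pids_from_ps()
            live.append((pids_from_proc(), ps_view))
        print("live system, hidden PIDs:", sorted(stable_hidden(live)))
```

A rootkit that runs in the kernel or hooks the C library can filter /proc as well, so an empty result from this comparison does not prove the system is clean.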
In order to plant a rootkit, an attacker has to have already gained administrative privileges on a system. This is one of the many reasons why I always cringe when I see people doing all of their work from the root user’s shell and why I’m a firm advocate of using sudo whenever possible. I mean, really, why should we make it easy for...