Malware: Fighting Malicious Code

by Ed Skoudis, Lenny Zeltser
November 2003
Content level: Beginner to intermediate
672 pages
18h 40m
English
Pearson
Content preview from Malware: Fighting Malicious Code

Chapter 8. Kernel-Mode RootKits

It's now time to take the boxing gloves off and watch how some bad guys fight a bare-knuckled brawl for the very heart of the operating system: the kernel itself. In the last chapter, we focused on user-mode RootKits, which manipulated or even replaced user-level programs, such as the secure shell daemon (sshd) or Windows Explorer GUI. Now, we'll turn our attention to a more sinister attack vector. As you no doubt recall, we use the following definition to describe RootKits:

RootKits are Trojan horse backdoor tools that modify existing operating system software so that an attacker can gain access to and hide on a machine.

Using the techniques we'll cover in this chapter, attackers employ these RootKit techniques ...


ISBN: 0131014056