Root Access
The Holy Grail of the network intruder is always administrative or root access to the system. A user with root access can execute any command or view any file. When you have root access, you can essentially do whatever you want to do with the system. The term “root” comes from the Unix world, but the concept of a powerful account with the privileges to control the system applies to all vendors and platforms. On Windows networks, this account is known as the Administrator account.
After the intruder is inside, often one of the first tasks is to upload a rootkit. A rootkit is a set of tools used for establishing a more permanent foothold on the system. Some of the tools are used to compromise new systems and new accounts. Other tools ...
Get Sams Teach Yourself TCP/IP in 24 Hours, Fourth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
