Home > Enterprise Desktop News > How does an attacker install a rootkit?
Enterprise Desktop News:
EMAIL THIS

How does an attacker install a rootkit?

By Kurt Dillard, Microsoft
06 May 2005 | SearchWindowsSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Learn how to detect and remove rootkits in Windows systems with this collection of tips, written by Microsoft's Kurt Dillard. Read one of the several tips below, or return to the main page for the complete list.

How does an attacker install a rootkit?

In order for an attacker to install a rootkit on a system, he must somehow compromise it and gain administrator privileges. He will attempt to accomplish this in a variety of ways. He can:

  • Trick a user into executing malicious code that's embedded in what appears to be a benign download from the Web, such as a game, screensaver or file sharing utility.
  • Figure out an easy-to-guess password.
  • Take advantage of a missing security hotfix.
  • Exploit a poorly configured system.
  • Install his rootkit once he gains control of the system.

About the author: Kurt Dillard is a program manager with Microsoft Solutions for Security. He has collaborated on many solutions published by this team, including "Windows Server 2003 Security Guide" and "Threats and Countermeasures: Security Settings in Windows Server 2003 and Windows XP". He has also co-authored two books on computer software and operating systems.

Click for the next tip in this series: What's the difference between user-mode and kernel-mode rootkits?



Tags: Network intrusion detection and prevention and malware removalVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Network intrusion detection and prevention and malware removal
Underlying causes of inconsistent patch management
Windows security tools for the busy desktop administrator
Check IT List: Five steps for rootkit detection
Top Windows client security tools for end users
Hacking Exposed Windows: Windows security features and tools
Tools for virus removal and detection
Windows security testing: Five tips for the summer
Buffer overflows can be prevented by GS cookies
Windows Resource Protection (WRP) protects critical system resources
How to secure BitLocker configurations

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



Windows Desktop Technology - Virtualization, Virtual Infrastructure, Virtual Desktop
HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts