Summary

Previous page
Table of content
Next page

We now have a rootkit that does the following:

  • Hides its device driver entry

  • Hides its configuration file

  • Hooks the operating system kernel

  • Hooks selected processes loaded by the operating system

  • Processes commands sent from user mode applications

  • Communicates with a remote controller

  • Filters network communication

  • Filters file system operations

  • Logs key presses

  • Hides registry keys

  • Hides directories

  • Hides processes

Our rootkit is now about as complete as a training example can be. There are more topics to discuss, and more code is introduced in the remaining chapters, but this marks the end of rootkit-specific development. The next chapter introduces corporate e-mail filtering. This type of filtering is usually performed at the application level and then passed to a rootkit for processing.



Previous page
Table of content
Next page
Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler
BUY ON AMAZON
Cisco IP Communications Express: CallManager Express with Cisco Unity Express
Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
Documenting Software Architectures: Views and Beyond
Cisco CallManager Fundamentals (2nd Edition)
Special Edition Using FileMaker 8
Java All-In-One Desk Reference For Dummies
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy