This chapter focuses on the design and implementation of the rootkit remote controller. Though the design of the rootkit can be expected to follow established guidelines, the design of a rootkit controller can vary widely depending upon the intended use. For this reason, portions of this chapter are broader than the example provided, which had to be implemented for a specific purpose.
This chapter includes the following:
The controller
The interface medium
The interface
The Summary view
Control categories
The connection
Tamper detection
An example