Chapter 6: Communications

Previous page
Table of content
Next page

Overview

This chapter introduces low-level network communications. Low-level communication is a requirement of many rootkits for several reasons. Of primary concern is that low-level communications cannot be seen by higher-level communications, such as the socket-level communications monitored by personal firewalls. This enables rootkits to remain undetected by personal firewalls and port monitors, such as Sysinternal’s portMon. Another reason for low-level communication is the need to separate rootkit communications from general network communications, as the connection between a rootkit and its remote controller does not need to be monitored by the rootkit.

This chapter includes the following:

  • The Transport Driver Interface (TDI)

  • Connection initiation

  • An example of remote control communication



Previous page
Table of content
Next page
Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Data Structures and Algorithms in Java
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
InDesign Type: Professional Typography with Adobe InDesign CS2
Cultural Imperative: Global Trends in the 21st Century
Understanding Digital Signal Processing (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy