Serving over 2 Million visitors each year

Search
Great Dell Offers for Startup Businesses
Dell Vostro 3500 - thin, light, and optimized for small
businesses. Only £399 excl. VAT. Includes FREE delivery.
Find out more

'Rootkits' - just when you thought viruses were a pain!

print  e-mail 

A New Threat

Well, it could only be a matter of time before hackers and virus writers got round the latest security technologies to start messing with people's PCs again. Just when we thought we were safe with our anti spyware programs, virus scanners and firewalls, a new threat looms on the horizon, and what's worse is that the companies we rely on to keep us secure aren't really prepared for it. So, what is this new threat? It's something called "Rootkits"

"A root kit is a set of tools used by an intruder after cracking a computer system. These tools can help the attacker maintain his or her access to the system and use it for malicious purposes. Root kits exist for a variety of operating systems such as Linux, Solaris, and versions of Microsoft Windows." (Wikipedia)

 

In English then?

Basically a hacker finds a way into someone's PC in the normal way, through vulnerabilities in the operating system (ie: Windows, Linux, etc) or by taking advantage of lax security. Once inside, they install a set of applications, some of which are disguised as programs that the operating system needs to run. This in itself is quite common: many Windows-based viruses disguise themselves as important system processes which fools Windows itself, meaning you can't shut them down because Windows thinks they're Microsoft products. However, rootkits also include scripts (files containing computer code) which cover their tracks by removing any reference to their being there.

A couple of tools exist to help you monitor if and when your operating system files have changed. In the past, when a file was overwritten by a virus or other such program, the file's creation date would match the date at which the file was downloaded to that PC. Now, files installed by rootkits use the same creation date as the original files, making them almost undetectable. I say almost of course, and that brings me onto the tools you can use. One of these is Tripwire, which - among other things - examines your files for integrity and lets you know whether they pass or not. The problem with this is that it's for big-bucks business and so will be very expensive. Another of these tools is an open-source project called AIDE. Because it's open source it's free, but also it may be difficult to get comprehensive support, so be wary.

Rootkits exist in order to allow the hacker to return to the compromised machine at any time, without worrying about security or being detected. The programs they install can be controlled using a system called Telnet (the name may vary from system to system), which is a protocol for sending text commands from one machine to another. The command is sent as a standard string of text (it may be encrypted or compressed, but it's still just text), and interpreted and actioned by the receiving machine.

So What's the Fuss?

Once the hacker has gained access to your machine, you are almost completely vulnerable. Your files can be downloaded, viewed, edited and even deleted, your personal information can be ransacked and your operating system corrupted.

The problem as I stated at the beginning of this article is that software developers have been largely blind to this new technology for some time, and are now only starting to make movements towards finding a solution. The problem with Windows is that it is almost fundamentally insecure, and some people are using this to fuel the argument that Microsoft should start releasing the source code for Windows, so that developers outside of the software giant can fix the problem for themselves.

What Can I do?

I've not written this with a view to giving you comprehensive, step-by-step solutions to the problem. Instead I'm hoping this will raise your eyebrows and help you to be a little more wary about the security you have in place. If you'd like to discuss your security setup, why not raise it on the Uplink, our e-mail community, at uplink@msomedia.com.

There is some good news if you use Microsoft's fledgling AntiSpyware package: they're already researching ways to incorporate rootkit detection into their software. If you've got anti-virus software in place, visit their website to find out what they're doing about rootkits. Below are some possible points of interest for you:

I hope this has given you something to think about. But remember...don't have nightmares!

Article kindly provided by Mark Steadman - MSO Media - Web Solutions that Work

Posted October 4, 2005
Latest articles in Technology
 
Choosing a web hosting service for your small business
If you are thinking of setting up a website for your business, how do you find the right hosting company for your needs? Here are some tips from the Bytestart team to help you make your decision. [July 8, 2010]
 
Domain naming tips for small business owners
If you are thinking of creating a web presence for your small business, one of the most important tasks you need to do is choose the right domain name. Here are ten tips from the Bytestart team. [July 6, 2010]
 
Get a free website for your business
Any small businesses who are thinking of taking their first steps on the web will want to register with this new scheme, which is providing a free website for 100,000 British businesses. [July 5, 2010]
 
How to find good keywords for your small business website
Finding good keywords and phrases is an important area of web marketing, but how on earth do you find out which phrases are suitable for your business website, and which are too competitive to bother with? [May 26, 2010]
 
Top 10 tips for choosing a business domain name
Tips for selecting your small business domain names - what to look out for, and how to protect your brand identity. [April 23, 2010]
 
Why site owners should think about getting links than obsessing over 'keywords'
A decade ago, site owners were obsessed by 'keywords' when seeking to propel their sites up the search engine rankings. Given that Google doesn't even recognise the keyword tag in webpages, we explain why site owners would be better off concentrating on acquiring relevant links to their sites. [April 21, 2010]
 
Looking at your business website from a visitor's point of view
Google has confirmed that website speed will now be taken into account when working out search engine rankings. Although this will just be one of many ranking factors, it is small businesses who could most benefit from this change, according to an insider at the firm. [April 14, 2010]
 
Business broadband - what to look out for when choosing a supplier
How selecting the right business broadband provider is an important step in the start-up process, and what broadband packages are available to businesses of all sizes. [March 17, 2010]
 
How to choose a phone system for your small business
When choosing a phone system for your small business, you will face a bewildering number of options from a large number of suppliers. To help you in your quest for an appropriate system to meet your needs, here are a number of important questions to ask potential suppliers before buying a phone system: [March 11, 2010]
 
A simple guide to ADSL, Cable and Mobile Broadband
As demand for broadband services has exploded over the past few years, and the number of "bundles" and offerings becomes ever more bewildering for business broadband and personal broadband users, we take a brief look at the types of broadband service available in the UK. [February 24, 2010]
 
7 questions you should ask your IT service provider
Finding the right IT service provider for your business can be a tricky undertaking though, with numerous companies to chose from, seemingly offering the same type of service. Here are some expert tips on questions you should ask to make sure you choose an IT service provider that will allow you to focus on what you know best: your business. [January 27, 2010]
 
Creating your first online store – tips for success
A great article which guides you through the steps involved in setting up a web store from scratch - you need to get people to your site, make it easy and compelling for them to buy, and provide excellent customer service. [January 5, 2010]
 
Online marketing - getting the basics right
The growth in the use of the Internet in recent years has led to a huge shift in marketing activities to the online space. This article explains some of the key things for you to focus on to help you market effectively online. [December 15, 2009]
 
Top Tips on cloud computing for small businesses
The head of Google Enterprise has put together 10 essential tips small business owners should hear in mind when getting started with 'cloud computing' [November 30, 2009]
 
Get more from broadband
Now the broadband market has matured, and providers have to offer more to attract customers. Here are some of the added-value features you can expect to see with some broadband packages. [November 26, 2009]
 

Click Here



Our Partners
Key Services
Key Services
Technology Guides
Click Here

© Bytestart Limited 2005-2010 - All Rights Reserved | Terms of Use | Site List | Website Feeds | Rss Feed RSS Feed

Business Insurance, Business Bank Accounts, Public Liability Insurance, Professional Indemnity, Startups, Limited Company, Sole Trader