What is a rootkit? Characteristics of rootkitToday when hackers have grown too powerful then any server system, though how strongly can still be compromised with more sophisticated forms. During the approach, the system then the rootkit is a tool that is quite dangerous. The term "rootkit" became popular when there is debate about the system against copying music CD of Sony in 2005, they automatically installed a rootkit on the PC running Microsoft Windows that users not be consulted.What is a rootkit? rootkit-la-gi-dac-diem-crab-rootkit-may-chu Rootkit is software or a software toolkit that conceals the existence of other software that is often the viruses from entering your computer system. Rootkit is usually used after a hacker gained access to the computer system. It will cover system data, files or running processes, from which the hacker can get into your computer system that may not know. A computer being installed rootkit is called being "root access". The term "rootkit" at first used for system using Unix tools, it can be thoroughly concealed traces of intruders for the user has used the command "ps", "netstat", "w" and "passwd" to test, so it allows the intruder to maintain root "authority" on the system, even system administrators cannot see them. Today the term is also used for Microsoft Windows when the same tool. Characteristics of rootkitrootkit-la-gi-dac-diem-crab-rootkit Main characteristics of rootkit is capable of hiding so if taking the program from the system such as: "Registry Editor", "Find Files", "Task Manager" cannot detect. Even though discovery of the rootkit, delete it not simple at all. Can not use the normal tools that are taking the anti rootkit program special. Rootkit usually operates at the application level is level 2 (User-mode) and the kernel (Kernel-mode) should detect them extremely difficult. Harmful effects of Rootkit for the system Rootkits are often used to conceal the tools created the "back door" to help hackers to access the system easier than in later times. Rootkit can also have similar functions when creating the back door. They allow the process from common users execute the functions for root. It hides all kinds of other stuff that can be used to compromise the system. System Manager when penetrating the still unknown or consequences can bring home a useful profile of the information, the data is extremely large, even in the long run. One of the best ways to avoid Rootkit infection is the virtual server to host from the professional service providers to run the programs as well as store important data.Many of us often think that the virtual server is usually safe, because everything is separate from your "home" in physics, not directly related to each other. But Jason Geffner has just discovered a flaw from the virtual server can jeopardize the system, because the bad guys can access other server systems running on the same host system through vulnerabilities.This security hole is called VENOM (Virtualized Environment Neglected Operations Manipulation) attack on the virtual floppy disk code used as the basis for a number of system virtualization. The good is the VMWare, Microsoft Hyper-V and Bochs is not affected. Through vulnerabilities, hackers can penetrate other virtual machine series and then gain access to the network of servers, and other important information will be easily stolen. VENOM did not intervene to virtualization software's source code, but the attacker needs to acquire the right to the highest (root) on the VM's operating system. While VENOM has not caused flaw serious damage but this vulnerability caused much anxiety among software developers. Because the previous security error usually only detected in the virtualization software is not set up by default and cannot be applied, in particular it does not affect the whole system. Therefore, the VENOM can be considered unique vulnerabilities so far, can change the default configuration and server systems, allowing the bad guys to run malicious code to sabotage the system directly. Due to the many platforms built on the code of the virtual disk should be whether you have virtual software drives off, there were 1 error help attackers turned the drive software, virtual means VENOM vulnerability has existed the way now for 11 years.Therefore, Geffner has announced this to the relevant enterprises to quickly figure out the direction of bug fixes. If your virtual server is running against this vulnerability, you need to update to the latest virtualization security today. Please protect the safe maximum for the virtual server as well as his true physical servers by updating your virtual servers to avoid causing unnecessary losses on the physical server.
đang được dịch, vui lòng đợi..
![](//viimg.ilovetranslation.com/pic/loading_3.gif?v=b9814dd30c1d7c59_8619)