on rootkits
Hi, newbie here. I've been reading up on rootkits (via Google), but there's so much on detection and removal and hardly anything, if at all on how they get into a computer. So...how DO they get into a computer? Is it as easy as, say, clicking on a link, clicking on a link that leads to a pop-up ad, a pop-up ad somehow getting past your browser defenses, or accidentally going to a site marked as red by WOT - and you're still in danger even if you get out of suspicious sites quickly? I know viruses find it hard to survive in Linux, but is it different for rootkits? Say, once they enter, they can punch a hole straight into your root account? How much of a threat do they pose in the Linux community (are new rootkits being created every year, say? Or are they as rare as Linux viruses?)?
Comments
-
Linux based system can still be exploited by rootkits, however due to the heightened security (users not using the root account for normal uses) the potential for exploitation is minimized.
Generally the rootkits are installed by the user in a trojan package such as software or kernel modules. The added signature verification and md5sums used by modern tarballs and package managers make it far easier for us to quickly detect modified packages, but as with any infections it is up to the user to use due diligence when installing anything on their computers.
As for how rare they are, there may be many rootkits created to exploit Linux based systems but creation means nothing unless they can be employed, the added security measures are what is really protecting us.0
Categories
- All Categories
- 175 LFX Mentorship
- 175 LFX Mentorship: Linux Kernel
- 745 Linux Foundation IT Professional Programs
- 372 Cloud Engineer IT Professional Program
- 168 Advanced Cloud Engineer IT Professional Program
- 73 DevOps IT Professional Program - Discontinued
- 3 DevOps & GitOps IT Professional Program
- 98 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- AI & ML Training
- Blockchain & Decentralized Identity Training
- Cloud & Containers Training
- Cybersecurity Training
- DevOps & Site-Reliability Training
- Linux Kernel Development Training
- Networking Training
- Open Source Best Practice Training
- System Administration Training
- System Engineering Training
- Web & Application Development Training
- 2 LFD103-JP クラス フォーラム
- 4 LFD210-CN Class Forum
- 764 LFD259 Class Forum
- 681 LFS101 Class Forum
- 2 LFS158-JP クラス フォーラム
- 162 LFS207 Class Forum
- 3 LFS207-DE-Klassenforum
- 4 LFS207-JP クラス フォーラム
- 61 LFS241 Class Forum
- 52 LFS242 Class Forum
- 42 LFS243 Class Forum
- 19 LFS244 Class Forum
- 4 LFS250-JP クラス フォーラム
- 166 LFS253 Class Forum
- 19 LFS256 Class Forum
- 1.4K LFS258 Class Forum
- 165 LFS261 Class Forum
- 26 LFS267 Class Forum
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 768 Linux Distributions
- 81 Debian
- 67 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 944 Programming and Development
- 310 Kernel Development
- 616 Software Development
- 977 Software
- 369 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)