
Okay, so I would say since I've started using Linux about two years ago that I've graduated to an intermediate level. However, sometimes I come across things I have never heard about before. Today, I read about rootkits and that idea has terrified me. Are rootkits something a normal everyday user needs to be worried about? I have been using just ClamAV, but I have read up on the rootkit hunter application but it seems a little more in depth than the average user would expect. Anyone with more of an IT background care to enlighten me a little bit here?


If this is a regular home machine you probably have nothing to worry about. Rootkits are used on machines where the attackers want to maintain silent persistent access for a longer period of time, such as high-profile websites, servers, corporations etc.

ClamAV is not the right tool to check against them, chkrootkit and rkhunter are.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


Frankly, you will likely never encounter a rootkit unless you do something really, really stupid. Download torrents and run executables from them and you will get some. But if you have no interest in stealing software, the odds are you will never see any.

 

To be perfectly clear, only you can install a rootkit. It cannot install itself. Usually it happens when you run an executable of some sort that you got from an untrusted source.


Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.


Frankly, you will likely never encounter a rootkit unless you do something really, really stupid. Download torrents and run executables from them and you will get some. But if you have no interest in stealing software, the odds are you will never see any.

 

To be perfectly clear, only you can install a rootkit. It cannot install itself. Usually it happens when you run an executable of some sort that you got from an untrusted source.

 

And by stupid you mean using anything by Sony?


Yeah, I would not trust anything by Sony. In 2005 they planted harmful and illegal rootkits on their CDs. See: Sony BMG copy protection rootkit scandal

 

I would not trust them to not do something nuts like that again for any of their products.

 

Although there are specific anti-rootkit detection products, in today's world of constantly evolving and growing threats against computer systems most, if not all, standard decent-quality anti-malware software will also detect rootkits as well. So if you have a decent anti-virus/malware package installed you should be OK for detection/prevention, and if necessary removal, in this aspect. However, never, ever - ever - ever, forget the very first line of defense and detection is you, and you are the only one responsible for the security of your system. If you do risky things (e.g. torrent/download/steal software) then expect your risk level to increase, and if that risk becomes a reality the only one to blame is you. Despite there being all these products for anti-malware/prevention/detection/removal, the number one best initial defense is your finger on the mouse or keyboard and applying common sense and being smart to begin with. Just because you want it and/or use a VPN does not mean there is no risk involved. Oh, and by the way, there is a common misconception that a VPN protects your system - that's not true. A VPN only secures the connection traffic between your computer and whatever the end point is and does nothing to protect the actual system, and anything you choose to flow through that connection is still your responsibility to make sure it's not injurious to your system in some way.
