Posted by Virus Bulletin on Aug 1, 2006
Arming sys admins with all they need to know to write a rootkit...
Imaginatively named magazine for Linux users Linux Magazine has published an article entitled 'How to write a rootkit'. The piece is the cover story for the August issue of the magazine.
According to the magazine's website the aim of the article is to arm systems administrators with the knowledge they need to stop rootkits - and anti-rootkit technology is examined elsewhere in the magazine. However, this does not detract from the fact that much of the cover article is devoted to an in-depth description of the routines required by a successful kernel rootkit - including example code.
While the writer suggests that rootkit techniques come in handy for the security-minded admin, the only example given is 'benign rootkit' Kernel Guard, which disables the kernel's module-loading functionality. The magazine goes on to analyse two Linux security systems - AppArmor and SELinux.
To see this piece of astonishingly irresponsible journalism for yourself, visit http://www.linux-magazine.com/issue/69/.
Posted on 01 August 2006 by Virus Bulletin
