Watch Out For Rootkits That Bypass Your Firewall

watch out for rootkits that bypass your firewall

If you are at familiar with rootkits, then you know that they can be one of the nastiest infections on your computer system.

There are many types of malware out there that will affect your computer but none more so than a rootkit.

Unfortunately, even amongst some of the security professionals that are out there, some people have never heard of a rootkit.

watch out for rootkits that bypass your firewall

watch out for rootkits that bypass your firewall

They know about the common infections including viruses, Tojans, worms and other types of malware.

But when it comes to the rootkit, they are totally left in the dark.

Elite Hackers Use Rootkits

This is because they are not as widespread as other malware.

Because they take more technical ability to use properly, only elite hackers make use of them.

But when they are used in the right way, a person’s system can be severely compromised.

Especially if you have a rootkit that is able to bypass your firewall.

If you are new to the field of security, or maybe just a person that has just happened upon this article, you may not know what a rootkit is.

I will go over it in some detail and explain the dangers of a rootkit that is able to bypass your firewall.

In simple terms, a rootkit will cause an attack on your computer to not be noticed.

The specialty of a rootkit is that it can burrow down into the operating system and hide itself from a antivirus scanner that you might have running.

Most of the time it is able to do that without even being the root user.

Just because the name has root in it does not mean that the malware itself has root privileges.

Although sometimes that is the case.

These are usually known as kernel roots, the worse rootkits out there.

The Workings Of A Rootkit

If you are a rootkit, you have to communicate with an outside server to be able to get commands from it.

So to do this, you have to send messages through the network interface which is also known as the NDIS.

But the problem is, if you are communicating in this manner, the firewall will be able to pick you up.

So to show how smart some of the creators of these rootkits are, they created their own TCP\IP stacks to get through the firewall.

Once they do this, they are able to communicate with the server now.

Now your system is at the beck and call of someone else.

If you are not able to find the problem in your own machine, then it will be used for a lot of nefarious purposes and you could be the one that is blamed.

Fortunately, the security community is able to come up with solutions to fight against rootkits.

Even though the white hat security community mostly play defense, they are able to do it well enough to stay in the race.

These days, they can detect most rootkits that are on your system, even without a reboot.

This is a big advantage in the fight against this vicious kind of malware.

So when you are choosing an antivirus program to install, make sure that it has protections against rootkits.

If it doesn’t then you’re only fighting 80% of the battle.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind

*