Operating System - HP-UX

what are differences between rootkits and viruses ?

 
'chris'
Super Advisor

hi

What are the differences between rootkits and worms (trojans)?
Why can't virus scanners find and remove rootkits?

kind regards
chris

5 REPLIES
Arunvijai_4
Honored Contributor

Re: what are differences between rootkits and viruses ?

Hi Chris,

Here you can find a good definition,

http://en.wikipedia.org/wiki/Rootkit

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Pete Randall
Outstanding Contributor

Re: what are differences between rootkits and viruses ?

Chris,

According to TechWeb (http://www.techweb.com/encyclopedia), a root kit is "A type of Trojan that keeps itself, other files, registry keys and network connections hidden from detection. It enables an attacker to have "root" access to the computer, which means it runs at the lowest level of the machine."

The fact that it keeps itself hidden implies to me that the virus scanners simply can't see it and therefore can't remove it.


Pete
Steven E. Protter
Exalted Contributor

Re: what are differences between rootkits and viruses ?

Shalom,

Rootkits try and gain root privileges permanently. It's a loose category, as is viruses. Basically both fall into the general category known as badware.

Both do things that the owner of the computer does not want.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Bill Hassell
Honored Contributor
Solution

Re: what are differences between rootkits and viruses ?

There is a great (but not well known) feature of Google, the define: search command. Paste these search strings into Google for a broad description from several sources:

define: rootkit
define: computer virus
define: computer worm

Virus scanners have historically focused on bad programs that were embedded in floppies and email or hidden with multiple type extensions. With the sudden increase in bad code coming from web sites, spyware and malware are being stored on computers by simply looking at a web page. The classic virus scanners never looked at code running inside a web page (but now the newest scanners do just that).

The biggest threat to security and stability of PC-based systems is from passive infiltration where the user is just browsing, never clicks on any download buttons, yet the insidious web page exploits weaknesses in the browser to make modifications, even install bad code on the user's system.

For commercial Unix systems such as HP-UX, viruses just haven't been popular with the hackers. That's because there's nothing in common with PC hardware and software, so the task is enormous with little reward (i.e., denial of service, spyware, etc.).

Rootkits can be installed on PCs as well as Unix systems. Indeed, rootkits for Unix have been around longer than PCs have even existed, but they require a high degree of technical knowledge to install and use without being detected. A properly secured company network plus timely security patches and settings will prevent such compromises on HP-UX.


Bill Hassell, sysadmin
James R. Ferguson
Acclaimed Contributor

Re: what are differences between rootkits and viruses ?

Hi Chris:

I'll add to Bill's answer and suggest a bookmark of Wikipedia projects.

For the question you asked, see:

http://en.wikipedia.org/wiki/Rootkit

Regards!

...JRF...