|
|
|
|
|
|
Digg |
|
|
|
A new generation of rootkits avoids detection by virtualizing the compromised system – and the user doesn’t notice a thing.
In the typical cat-and-mouse game of attackers and defenders, the aim of the game is to gain or keep control of the operating system. Legacy malware tries to escalate privileges and, if possible, to run in ring 0, the operating system’s kernel mode. Once it gets there, the exploit, and thus the attacker, can manipulate the system. Virtualization is often heralded as a big advance for system security. Multiple virtual systems can run on the same hardware without the ability to influence each other. This isolation prevents a number of standard attack techniques, but today’s virtualization technologies also open a whole new frontier for attacks that never would have been possible in the past. Experts are already talking about a new generation of rootkits that will exploit the powers of virtualization to avoid detection.
|
|
|
| Related Articles | |
|---|---|
| MUSIC MAKERS | Tuning up with the 64 Studio and JAD audio Linux distros |
| PREVENTION | Staying one step ahead of the intruders |
| ASK KLAUS! | |
| TECH TOOLS | |
| ASK KLAUS! | |
| ZACK'S KERNEL NEWS | |
| No More Downloads! |
|---|
|
Save the download and take Linux Magazine DVDs instead. Each DVD contains a full distro like Ubuntu, SUSE, Mandriva, Fedora, or Debian and comes with the corresponding issue of Linux Magazine. Don't waste timedownloading Linux! |
Comments