Anton Chuvakin on illogic Rootkit Analysis

UNIX Rootkits and Illogic Kit Analysis Anton Chuvakin, Ph.D. Senior Security Analyst FBI Academy June 2002

Rootkits: Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Rootkits: Brief History ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Features: Remote Access ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Features: Local Access ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Features: Attacks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Features: Hiding and Cleanup ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Rootkits: Perks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Use (i.e. abuse) of rootkits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Old rootkis (1994-2000) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Newer kits (1999-2002) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Introducing Illogic v. 1.2 I ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Introducing Illogic v. 1.2 II ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Components: RAT ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Components: Hiding ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Components: Attacks I ,[object Object],[object Object],[object Object],[object Object]

Illogic Components: Attacks II ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Components: Attacks III ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Components:Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Installation I ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Installation II ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic Installation III ,[object Object],[object Object],[object Object],[object Object],[object Object]

Illogic: Changes to System ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Future Trends ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Conclusion ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Thanks for Viewing the Presentation ,[object Object],[object Object],[object Object],[object Object],[object Object]

Anton Chuvakin on illogic Rootkit Analysis

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to Anton Chuvakin on illogic Rootkit Analysis

Similar to Anton Chuvakin on illogic Rootkit Analysis (20)

More from Anton Chuvakin

More from Anton Chuvakin (20)

Recently uploaded

Recently uploaded (20)

Anton Chuvakin on illogic Rootkit Analysis