Technophiles
A seminar on computer security and protection
Contents
Hacking with ROOT KITS
• What is a Rootkit?
• Different types of rootkits
• Importance
• Magnitude of damage
• Counter measures
Hacking with Key loggers
• What are Key loggers?
• Different types of Key loggers
• Magnitude of damage
• Counter measures
ROOT KITS
If you cannot win the game
CHANGE THE GAME ITSELF!
What are Root kits?
Root kits are software that gives privileged (admin) access to computer systems while hiding from the actual administrators, changing the rules of the kernel and modifying the way the operating system loads. Since you and I can only change or delete what we see, it is not possible for us to find a trace of a root kit installed on our system.
Different types
• User mode
• Kernel mode
• Bootkits
• Hypervisor level
• Hardware type
Bootkits
These are a type of root kit designed to modify the boot process of operating systems. They are used to attack full disk encryption systems and to bypass the Windows password system and thus gain administrator access. Now, we are going to show you the functioning of a bootkit and bypass a Windows password-protected account.
Surprised?? Yeah, now you know that your systems are not safe. But don’t worry... We are not going to reveal the name of the bootkit we just used, to ensure that neither your PC is hacked nor you hack your friend’s... ;-) But people who are sincerely interested in hacking others’ computers may find it on the internet.
Counter Measures
Ways to fight Rootkits
Many times when our PC gets infected with a virus, we do an antivirus scan. While most of the time this may fix the problem, sometimes it doesn’t. That implies that your system is infected with a rootkit virus and that you have to run a rootkit scan.
Detection and Removal of a ROOTKIT
Many rootkits are very difficult to detect by operating system mode programs, which include antivirus software. Such rootkits can be detected by booting from an alternate medium and running a rootkit scan. There are many other advanced detection systems for rootkits. Hackers who write rootkit code target big companies and celebrities to steal data and for other financial gains.
Removal tools for Rootkits
• McAfee’s Rootkit Detective
• Sophos Anti-Rootkit [Free]
• RootRepeal - Rootkit Detector
• Kaspersky Virus Removal Tool
• Microsoft Malicious Software Removal Tool
• Panda Anti-Rootkit and latest USB vaccine
• Sysinternals Rootkit Revealer [for advanced users]
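
The alternate-medium detection described above can be pictured as a cross-view comparison: a file that appears when the disk is listed from a clean boot medium but is missing from a listing taken inside the running system is a candidate for rootkit hiding. This is an added example, not part of the original seminar; the listings, paths and function names are constructed for illustration.

```python
"""Cross-view check: listing from the running OS vs. listing from a clean boot medium."""
from pathlib import PureWindowsPath

# Constructed sample listings, one path per line (not taken from a real system).
LIVE_LISTING = r"""
C:\Windows\System32\drivers\disk.sys
C:\Windows\System32\drivers\ndis.sys
C:\Windows\System32\kernel32.dll
C:\Users\alice\~tmp1.tmp
"""

OFFLINE_LISTING = r"""
c:\windows\system32\drivers\disk.sys
c:\windows\system32\drivers\ndis.sys
C:/Windows/System32/drivers/example_hidden.sys
c:\windows\system32\kernel32.dll
"""


def parse_listing(text):
    """Return the set of normalised paths found in a one-path-per-line listing."""
    paths = set()
    for line in text.splitlines():
        line = line.strip()
        if line:
            # Windows paths are case-insensitive; PureWindowsPath also unifies / and \.
            paths.add(str(PureWindowsPath(line)).lower())
    return paths


def cross_view(live_text, offline_text):
    """Compare both views of the same disk and report the differences."""
    live = parse_listing(live_text)
    offline = parse_listing(offline_text)
    return {
        # On disk but invisible to the running OS: candidates for hidden files.
        "hidden_from_live": sorted(offline - live),
        # Seen live but gone offline: usually temp files removed between listings.
        "only_in_live": sorted(live - offline),
    }


if __name__ == "__main__":
    report = cross_view(LIVE_LISTING, OFFLINE_LISTING)
    for path in report["hidden_from_live"]:
        print("REVIEW (not visible from running OS):", path)
    for path in report["only_in_live"]:
        print("info (changed between listings):", path)
```
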
Key loggers
Key = information
Log = Keep a record of
Key loggers track the keys struck on the keyboard, mostly in a covert manner so that the user typing the keys is unaware that their actions are monitored. Some key loggers can even take screenshots and access information copied to the clipboard.
Different types:
• Software based
• Hardware based
Software based Key loggers
Mainly three types:
• Malware based
• Kernel based
• API based
Malware based: A key logger can be present inside a virus.
Kernel based: Key logger written as a rootkit that has direct access to computer hardware.
Others: These include key loggers which are API based, Grabber based and Packet analyzers.
Hardware based key loggers
Out in the open!!
Firmware based: Software is loaded into the BIOS to keep track of key strokes.
Keyboard Hardware: A hardware device is attached between the keyboard and the main system to record all that is typed on the keyboard.
Magnitude and type of damage
A software key logger can be installed remotely and can send the logged information back to a particular IP address or e-mail address, or can broadcast the data by different methods so that it reaches the hacker without being traced. Hardware key loggers generally contain memory in which they store the logged information. This needs the user’s physical access to the system, which is risky.
Once the hacker obtains the clear text, he can easily trace the passwords and IDs of the target user and hence can steal or modify data and cause loss to the target.
Counter Measures
• Using a good antivirus or anti-spyware
• Using a KEY SCRAMBLER
This is very useful as it encrypts information that is typed on the keyboard. In this way, even if the hacker plants spyware, he will have nothing but a computer code to decipher.
• Using an ANTILOGGER
This is also a good method to fight key loggers. These are programs that detect key loggers by their behavior and report them to the user.