
Traditional RootKits
• A suite of tools that allows an attacker to maintain root-level access via a backdoor and to hide evidence of a system compromise
• More powerful than application-level Trojan horse backdoors (e.g. BO2K, Netcat), since the latter run as separate programs, which are easily detectable
• A more insidious form of Trojan horse backdoor than its application-level counterparts, since existing critical system components are replaced to let the attacker have backdoor access and hide
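
Added example (not part of the original slides): because a traditional rootkit replaces existing system components instead of running as a separate program, one defensive check is to compare those components against hashes recorded while the system was known good. The temporary directory, the file names and the same-size, same-timestamp replacement below are constructed stand-ins chosen for illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Hash a file in chunks so large binaries are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_baseline(directory):
    """Record name -> SHA-256 for every regular file in a known-good directory."""
    return {
        name: sha256_file(os.path.join(directory, name))
        for name in sorted(os.listdir(directory))
        if os.path.isfile(os.path.join(directory, name))
    }

def compare_to_baseline(directory, baseline):
    """Return {name: status} for files that are modified, missing or added."""
    current = build_baseline(directory)
    findings = {}
    for name, digest in baseline.items():
        if name not in current:
            findings[name] = "missing"
        elif current[name] != digest:
            findings[name] = "modified"
    for name in current.keys() - baseline.keys():
        findings[name] = "added"
    return findings

def demo():
    """Constructed sample: a temp directory stands in for a system binary directory."""
    with tempfile.TemporaryDirectory() as bindir:
        for name in ("ls", "ps", "netstat"):
            with open(os.path.join(bindir, name), "wb") as fh:
                fh.write(b"original " + name.encode())
        baseline = build_baseline(bindir)      # taken while known good
        target = os.path.join(bindir, "ps")
        stat = os.stat(target)
        with open(target, "wb") as fh:         # same length, different content
            fh.write(b"replaced ps")
        os.utime(target, (stat.st_atime, stat.st_mtime))  # timestamps restored
        return compare_to_baseline(bindir, baseline)
```

Size and modification time are unchanged for the replaced file, so only the content hash reveals it. The baseline itself has to be stored off the monitored host or on read-only media, or it can be replaced along with the binaries.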