لطفا منتظر باشید ...
Chapter 1. Leave No Trace
Subtle and insubstantial, the expert leaves no trace; divinely mysterious, he is inaudible. Thus he is the master of his enemy's fate.SUN TZU
Many books discuss how to penetrate computer systems and software. Many authors have already covered how to run hacker scripts, write buffer-overflow exploits, and craft shellcode. Notable examples include the texts Exploiting Software,[1] The Shellcoder's Handbook,[2] and Hacking Exposed.[3][1] G. Hoglund and G. McGraw, Exploiting Software: How to Break Code (Boston: Addison-Wesley, 2004). See also www.exploitingsoftware.com[2] J. Koziol, D. Litchfield, D. Aitel, C. Anley, S. Eren, N. Mehta, and R. Hassell, The Shellcoder's Handbook (New York: John Wiley & Sons, 2004).[3] S. McClure, J. Scambray, and G. Kurtz, Hacking Exposed (New York: McGraw-Hill, 2003).
This book is different. Instead of covering the attacks, this book will teach you how attackers stay in after the break-in. With the exception of computer forensics books, few discuss what to do after a successful penetration. In the case of forensics, the discussion is a defensive onehow to detect the attacker and how to reverse-engineer malicious code. In this book we take an offensive approach. This book is about penetrating a computer system without being detected. After all, for a penetration to be successful over time, it cannot be detected.In this chapter we will introduce you to rootkit technology and the general principals of how it works. Rootkits are only part of the computer-security spectrum, but they are critical for many attacks to be successful.Rootkits are not, in and of themselves, malicious. However, rootkits can be used by malicious programs. Understanding rootkit technology is critical if you are to defend against modern attacks.
