Designing BSD Rootkits
An Introduction to Kernel Hacking
For most computer-savvy readers, the word "rootkits" is synonymous with the word "evil." (We all remember the Sony rootkit, right?) Traditionally, rootkits are used to covertly give a remote attacker complete control of a computer, including administrative privileges, while evading detection by hiding running processes and files.Rootkits are a growing threat to even the most secure operating systems.
However, learning how rootkits work can teach us a lot about an operating system. In Designing BSD Rootkits: An Introduction to Kernel Hacking (No Starch Press, April 2007, http://www.nostarch.com/rootkits.htm), author Joseph Kong shows how to write offensive rootkits, defend against malicious ones, and explore the FreeBSD kernel in the process. As the first book to approach rootkits from a FreeBSD-centric perspective, Kong's goal is to make readers smarter, not teach them how to write exploits or launch attacks.
While Designing BSD Rootkits focuses on programming and developing rootkits under FreeBSD, most concepts apply to other operating systems, such as GNU/Linux or Windows. Kong's liberal examples assume no prior kernel-hacking experience. All code is thoroughly described and analyzed, and each chapter contains at least one real-world application.
Readers of Designing BSD Rootkits learn
* The fundamentals of FreeBSD kernel module programming
* How to use call hooking to subvert the kernel
* How to manipulate the objects the kernel depends upon for its internal record-keeping
* How to patch kernel code stored in main memory, thus altering the kernel's logic while it's still running
* How to defend against the attacks described
"The word "hacking" has a bad name, but there is more to hacking than breaking into systems," said No Starch Press founder Bill Pollock. "This is not a book for script kiddies who just want to launch easy exploits. This is heady stuff. This is a book for real hackers who want to understand how the kernel works so that they can better secure their OS, whether it's FreeBSD or other."
Anyone with an interest in systems administration, open source operating systems, or computer security has something to learn from Designing BSD Rootkits.
Additional Resources:
* Sample chapter: rootkits_ch2.pdf
ABOUT THE AUTHOR: Joseph Kong (www.thestackframe.org) is a self-taught programmer who dabbles in information security, operating system theory, reverse engineering, and vulnerability assessment. He has written for Phrack Magazine and was a system administrator for the City of Toronto.
Designing BSD Rootkits: An Introduction to Kernel Hacking
Joseph Kong,
April 2007, 144pp., US $29.95
ABOUT NO STARCH PRESS: Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment--unique books on technology, with a focus on Open Source, security, hacking, programming, and alternative operating systems. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. No Starch Press books have been included in the prestigious Communication Arts Design Annual and STEP inside 100 competition, and have won the Ippy Award from Independent Publisher magazine. See www.nostarch.com for more information and our complete online catalog. (And most No Starch Press books use RepKover, a lay-flat binding that won't snap shut.)
# # #
.
Return to &Else News & Views. . .
.
Participate in your Design Center
Lots of fun and information for all... don't forget, any community is only as good as the participation of its members. We invite your tips, tricks, comments, suggestions and camaraderie.
- Ask for the DT&G Monthly: to receive DT&G newsletter each month, happenings in the Design Center and regular columns like the "Mail Bag" and "Cool Sites"
- Discuss Design & Desktop Publishing : in the Designers' CAFE
- Link to this site, and then show us the link. We'll send you any of our current door prizes, just for your trouble.
- Discuss Photoshop at Photoshop 911
- SUBMIT: a news link, new font, or product review
- REVIEW a website: posted by our readers
- SUBMIT a Website: for review in Web Design & Review
- Submit a Critique: of a popular web site, or YOUR web site!
- WIN PRIZES: in our "Question of the Month" column
- Meet Friends of the Design Center people who care!
- Become a Friend of the Design Center: and put your link on the front page
- Submit News, Views or your latest press release
- Submit your Software Review: shareware, freeware, fonts, graphics, utilities -- if you've found software you like, let DT&G readers know about it!
Learning, training, tips, tricks, and moreThe Design Bookshelf team reads and reviews the best books for the creative visual designer, desktop publishing practitioner and visual communicator. If you want to know it -- we'll show you the very best way to learn it... in the Designer's Bookshelf
Get more out of your computer: join a user group - There are computer clubs around the world called "user groups" where you find fellow computer users ready and willing to share a wealth of information. If you're not a UG member, you should be.. find a group at the User Group Network
Photoshop FAQ - Got a question? Get an answer: in the Photoshop 911 FAQ if you don't find the answer there, you can ask your question or send your problem to the Photoshop 911 Team