Designing BSD Rootkits: An Introduction To Kernel Hacking

Rootkits are bad. Well, that is to say they are when in the wrong hands. Rootkits can take over a system and cause problems for even large corporations like Sony BMG who nearly slipped them onto the machines of unsuspecting customers (courtesy of a DRMed CD). That said, why write a book about the topic and why would you want to read it especially since it is targeting an open source operating system like BSD? Well, first of call, knowing what something is and how it works is the first step in trying to prevent security attacks that can be spawned by rootkits. The flipside to its malevolent use is that there are useful reasons for rootkits. These concepts alone are reason enough to check out Kong’s book and why I recommend it. Operating system architecture and design are common topics in computer science programs, but rarely does it rise to this level. The book does an excellent job in partitioning the problem and the approaches using a solid platform like BSD as the target. It starts with basic hooking mechanisms and moves onto run-time kernel patching. Before you decide that this book is only for novice system-attackers, consider some of the latest advances in debugging, such as hot patching of applications and operating systems. The techniques presented in this book are the same as those used to implement these very useful features.