What Is a Rootkit?

When it comes to the internet, there are so many different threats, from viruses spread by e-mail to Trojans, or malicious internet-borne infections that can potentially do serious harm to a computer. While there are certainly many bugs, viruses and other threats that we need to avoid, most people don’t understand the threats, why they should be avoided and what steps to take to protect ourselves from these threats if can’t avoid them.

Like everything else, we need to have at least a basic understanding of what these ominous threats are so that we can decide if we need to take steps to protect ourselves from them. When it comes to computer terms it seems most of them have long, complicated definitions that, after reading them, have the average computer user no closer to understanding the word or subject they were researching to begin with. For this reason, among others, it is imperative that we understand various computer terms in laymen’s terms so that we are equipped to handle decisions regarding them, such as whether to avoid certain software programs.

Before we talk about what a rootkit is, we need to understand that a rootkit is a software program that is installed on a computer, typically without the user’s knowledge, which is used to spy on another person. While most people have a basic knowledge about viruses, worms and other malicious infections that can invade a computer, they typically do not know what a rootkit is, why it would be on a computer or what it does. Rootkits are unique software in that, while most software is either good or bad for your computer system, they have both good, legitimate uses and malicious, highly destructive uses.

Fundamentally, a rootkit is computer software that allows people to control other computers from a remote location, which means that, were you to install a rootkit on a computer in New York, for example, you could control it from your home in Florida and the person in New York would be have no knowledge that someone is watching them. A person using a rootkit is capable of executing files, accessing log files, changing the configuration and monitoring activities that take place on the other computer. In a nutshell, a rootkit allows you to spy on people who are using a different computer.

A rootkit is unique software because it can be used for both good and bad purposes. Typically when you hear various computer terms, such as ‘virus’ or ‘software’, you know immediately whether it is good or bad. However, when you hear the term rootkit, more information is required in order to determine a course of action. While rootkits can be used for good, legitimate purposes, by parents, employers or even law enforcement, most media coverage given to rootkits is focused on the harm rootkits can cause. As rootkits are usually used by hackers to gain access to your personal or business computers with malicious intent, the negative coverage is warranted.

Rootkits allow a person to access another computer remotely and take complete control over that computer without the actual user ever knowing what is taking place. This computer software is stealth, which while it can serve positive purposes, like helping police gather evidence against a known criminal without having to dedicate man hours to a stakeout, makes it potentially dangerous for ordinary people, unaware of the damage hackers can do from afar.

Cite This Page

Feldman, Barbara. "What Is a Rootkit?." Surfnetkids. Feldman Publishing. 14 Aug. 2009. Web. 2 Sep. 2015. <http://www.surfnetkids.com/tech/1447/what-is-a-rootkit/ >.

About This Page

By . Originally published August 14, 2009. Last modified August 14, 2009.