Can Rootkits Beneficial to Security Administrators?


A rootkit is a clandestine set of administrative tools which operate by opening a backdoor with escalated privileges into a system. In a non-malicious form, it can be beneficial as a quick and efficient way for a security administrator to enter the system, run tests, check configurations, trace audit logs, and perform maintenance tasks.

However, a rootkit is commonly associated with a well-disguised set of tools which allow a hacker to gain admin privileges into a system and wreak havoc.

If an operating system has a rootkit, it is a nothing short of a ticking time-bomb. While the root-kit by itself is not harmful, it provides an open (back)door to let in an army of bots, malware, worms, Trojan horse, and other malware to enter the system, and eventually take over it. And as the rootkit allows the user to operate with admin permission, malicious code can be executed, critical files permanently destroyed, and registry entries can even be manipulated.