Main Page | See live article | Alphabetical index

Root kit

A root kit is a set of tools used after hacking a computer system that hide logins, processeses, and logss as well as usually sniff terminalss, connections, and the keyboard.

Called "root" kit after the fact that originally it referred to a set of recompiled Unix tools such as "ps" "netstat" "w" "passwd" that would carefully hide any trace of the hacker that those commands would normally display, thus the hacker could maintain "root" on the system without the system administrator even seing them.

Generally now the term is not restricted to Unix based operating systems, as tools that perform a similar set of tasks now exist for non-Unix operating systems, even though they may not have a "root" account.