Common System Call Hooks
For the sake of being thorough, Table 2-1 outlines some of the most common system call hooks.
Table 2-1. Common System Call Hooks
System Call | Purpose of Hook |
---|---|
| Logging input |
| Logging output |
| Hiding file contents |
| Preventing file removal |
| Preventing directory traversal |
| Preventing file mode modification |
| Preventing ownership change |
| Preventing signal sending |
| Manipulating |
| Redirecting file execution |
| Preventing file renaming |
| Preventing directory removal |
| Hiding file status |
| Hiding files |
| Preventing file truncating or extending |
| Preventing module loading |
| Preventing module unloading |
Now let's ...