Nutter offers background on the danger of NT Rootkits.Lately I\u2019ve heard a couple of stories about NT Rootkits. What can you tell me about them, and is this something I should be concerned about?- Via the InternetYou should be concerned about NT Rootkits. Until recently, they\u2019ve mostly been a concern of the Linux\/Unix world. NT Rootkits can do several things, such as hide files on the server\/workstation that would alert you to their presence. The real "power" of the NT Rootkit is that it can hide processes or directories. I have seen a system infected by a rootkit and it caused problems with the SMTP service on the server being able to send or receive mail.The problem with NT Rootkits is that even if you know what to look for, you could still miss the tell-tale signs. You can go to\u00a0rootkit.com for a sampling of some of the rootkits currently available. You will need some type of C compiler in order to compile the source files for them to be usable. Borland's C++ Builder Personal edition is one that's affordable and user friendly if you haven't had any C experience before. I can't emphasize this enough: When working with this kind of material ensure the machines you're working on are isolated from your production network in every way possible.Depending on your training budget, there is training available from\u00a0blackhat.com on how to defend from rootkits. Training is just one avenue to protect yourself from rootkit intrusion. Keeping the servers up to date on patches and limiting access to the server console, both locally and remotely, are just two of the additional steps to take to help avoid being a victim of the rootkit.