Google Cloud Security Command Center V1 Client - Class KernelRootkit (1.13.1)

Reference documentation and code samples for the Google Cloud Security Command Center V1 Client class KernelRootkit.

Kernel mode rootkit signatures.

Generated from protobuf message google.cloud.securitycenter.v1.KernelRootkit

Constructor.

Rootkit name when available.

Generated from protobuf field string name = 1;

Rootkit name when available.

Generated from protobuf field string name = 1;

True if unexpected modifications of kernel code memory are present.

Generated from protobuf field bool unexpected_code_modification = 2;

True if unexpected modifications of kernel code memory are present.

Generated from protobuf field bool unexpected_code_modification = 2;

True if unexpected modifications of kernel read-only data memory are present.

Generated from protobuf field bool unexpected_read_only_data_modification = 3;

True if unexpected modifications of kernel read-only data memory are present.

Generated from protobuf field bool unexpected_read_only_data_modification = 3;

True if ftrace points are present with callbacks pointing to regions that are not in the expected kernel or module code range.

Generated from protobuf field bool unexpected_ftrace_handler = 4;

True if ftrace points are present with callbacks pointing to regions that are not in the expected kernel or module code range.

Generated from protobuf field bool unexpected_ftrace_handler = 4;

True if kprobe points are present with callbacks pointing to regions that are not in the expected kernel or module code range.

Generated from protobuf field bool unexpected_kprobe_handler = 5;

True if kprobe points are present with callbacks pointing to regions that are not in the expected kernel or module code range.

Generated from protobuf field bool unexpected_kprobe_handler = 5;

True if kernel code pages that are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_kernel_code_pages = 6;

True if kernel code pages that are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_kernel_code_pages = 6;

True if system call handlers that are are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_system_call_handler = 7;

True if system call handlers that are are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_system_call_handler = 7;

True if interrupt handlers that are are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_interrupt_handler = 8;

True if interrupt handlers that are are not in the expected kernel or module code regions are present.

Generated from protobuf field bool unexpected_interrupt_handler = 8;

True if unexpected processes in the scheduler run queue are present. Such processes are in the run queue, but not in the process task list.

Generated from protobuf field bool unexpected_processes_in_runqueue = 9;

True if unexpected processes in the scheduler run queue are present. Such processes are in the run queue, but not in the process task list.

Generated from protobuf field bool unexpected_processes_in_runqueue = 9;