July 24th, 2002, 06:49 AM
I am writing a whitepaper on rootkits. More specifically what rootkits are out there and how to recognize them. This seems to be a common question on many security mailing lists. What I am looking for is any resources people may have on specific rootkits. t0rn, adore, illogic etc... LKM kits are welcome but I'd also like links to older kits. Information, links to the actual kits ans any forensics info is welcome. I am targetting *nix and BSD kits but windows rootkits are welcome also. I hope to create a valuable one-stop resource for sys admins who think that they have been violated but are not sure and want to understand what was done. Please feel free to send any info you may have my way. I will post a link when the paper is complete for all to share.