On Oreilly DevCenter http://linux.oreillynet.com/pub/a/linux/2002/02/07/rootkits.html
This article covers a particular tool for checking for know root kit signatures, but if you are really concerned about security it's better to be pro-active, and make sure your systems is locked down from the get-go. so some other resources. http://www.linuxdoc.org/HOWTO/Security-HOWTO.html Dan Bernstein's pages: http://cr.yp.to and of course (this is to make Jacob happy) http://openbsd.org http://www.efn.org/~laprice ( Community, Cooperation, Consensus http://www.opn.org ( Openness to serendipity, make mistakes http://www.efn.org/~laprice/poems ( but learn from them.(carpe fructus ludi)
