From the Wikipedia page on
"Rootkit":
A root kit is a set of tools used by an intruder after cracking a
computer system. These tools can help the attacker maintain his or
her access to the system and use it for malicious purposes.
A root kit typically hides logins, processes, and logs and often
includes software to intercept data from terminals, network connections,
and the keyboard...
A rootkit may also include utilities, known as backdoors to help the
attacker subsequently access the system...
If their is a possibility that an intruder has gained root privileges on your machine, they may have installed a root kit. If so, you should not trust any of the standard tools such as ls, ps, netstat, login or syslogd: ls, ps and netstat may simply hide certain files, processes and connections; syslogd may not log certain events.
You will need a set of uncompromised utilities.
...previous | up (conts) | next... |