&nbsp; As an afterthought, what I would recommend, is taking a look at Zeppoo(<a href="http://zeppoo.net">zeppoo.net</a>). FYI, zeppoo is 2.6 only. <br><br>From the docs:<br>&quot;Zeppoo allows you to detect rootkits on the i386
 architecture under Linux by using /dev/kmem and
 /dev/mem. It can also detect hidden tasks,
 modules, syscalls, some corrupted symbols, and
 hidden connections. Anti-Rootkits which don't use
 these methods can be fooled easily.&quot;<br><br>Also of interest,<br><br>Bypassing Chkrootkit(translated):<br><a href="http://translate.google.com/translate?u=http%3A%2F%2Fwww.zeppoo.net%2Farticles%2FBypasserChkrootkit&amp;langpair=fr%7Cen&amp;hl=en&amp;ie=UTF-8&amp;oe=UTF-8&amp;prev=%2Flanguage_tools">
http://translate.google.com/translate?u=http%3A%2F%2Fwww.zeppoo.net%2Farticles%2FBypasserChkrootkit&amp;langpair=fr%7Cen&amp;hl=en&amp;ie=UTF-8&amp;oe=UTF-8&amp;prev=%2Flanguage_tools</a><br>