A rootkit is a software system that consists of one or more programs designed to obscure the fact that a system has been compromised. An attacker may use a rootkit to replace vital system executables, which may then be used to hide processes and files the attacker has installed, along with the presence of the rootkit.
Linux has proved to be much more resistant to malware than Windows, especially when it comes to viral infections, but any remote exploit makes it just as susceptible to worms, trojans, and rootkits as any other platform. Given all the fuss in the news recently about compromised Linux/Apache servers infecting Windows users with malware when they visit the sites those servers host, we thought it would be a good time to take a look at three of the best rootkit/malware detection tools available for Linux desktop and SOHO users. Here's a brief comparison of three popular choices: Chkrootkit, Rootkit Hunter, and OSSEC.