Hi there, i've a old suse box (6.2) which is hacked and rootkitt'ed. the rootkit seams to be a littlebit shitty .. but has a backdoor etc.. i dunno the name of it and found only warnings about the kit while searching the net. if somebody of you have/found more informations about this kit, would be nice to hear from you :) All informations i have is: it creates a directory: /usr/bin/duarawkz has a udp backdoor and uses scripts to hide himself. thanks PS: i don't administrate this box ;) i'll never have a old system like that... horrible.. -- intraDAT AG http://www.intradat.com Wilhelm-Leuschner-Strasse 7 Tel: +49 69-25629-0 D - 60329 Frankfurt am Main Fax: +49 69-25629-256 Junk mail is war. RFCs do not apply.