Hello all!

I've been wondering what a rootkit is and how it works. I've been paranoid after I heard that the Debian project got "rootkitted". I ran chkrootkit, and it said that it's possible that I have an LKM rootkit installed, but the website told me that it's possible that the LKM test gives wrong information with recent kernels (running 2.4.22 now).

These processes "were hidden from ps command":

root 0 0.0 0.0 0 0 ? SWN Oct28 0:01 [ksoftirqd_CPU0]
root 0 0.0 0.0 0 0 ? SW Oct28 4:27 [kswapd]
root 0 0.0 0.0 0 0 ? SW Oct28 0:00 [bdflush]
root 0 0.0 0.0 0 0 ? SW Oct28 0:01 [kupdated]

They seem to have PID 0, is this normal? Does my system have a rootkit installed? If it does, how do I remove it? Or am I just paranoid?

Thanks for your time.

Regards,
Markus

--
"Software is like sex, it's better when it's free."
Markus Hästbacka