=========================================================================================
This is the index file for my submission for "the scan of the month" May.
My mission was to identify and recover a deleted rootkit from a compromised Linux system.
=========================================================================================

analysis-may:
    This file contains the answers to this month's questions:
    1) Show step by step how you identify and recover the deleted rootkit from the / partition.
    2) What files make up the deleted rootkit?
    Bonus Question: Was the rootkit ever actually installed on the system? How do you know?

last.sh:
    This is the script that was used to install the rootkit.

blocks:
    This describes the deleted blocks which were recovered from the disk.

blocks.tar.gz:
    This is the tar archive of the blocks described in the "blocks" file.

timeline:
    This is the commented output of mactimes showing the modification, access and creation times.

index:
    This is the file you're reading :)