Torn Kit is a linux rootkit which has been optimized for linux/x86 mass installation. It is the first rootkit which uses precompiled binaries yet still allows a user defined password. This code is being widely used to automatically compromise hosts which have the wu.ftpd and rpc.statd vulnerabilities, and was mentioned in CERT's recent Incident Note IN-2000-10 advisory.
5c48ccb7e9f41685772e735a35e40fd8a61535f255a9d4f6968b8a1e150e3bf9