This presentation of 40 minutes gives a quick introduction in the world of Linux malware and incident handling. We cover malware, like rootkits and how they hide on the system. Finally we look at how to handle with a compromised system, and go into the possible defenses to limit the risks.