A shell script question

Brian Densmore DensmoreB at ctbsonline.com
Mon Feb 23 22:21:50 CST 2004


I'm looking to write a little shell/perl/python
script to run on my server 24/7 looking for attackers.
I want to hide this script from view. Anyone ever done this?
Or do I have to break out a compiled language to do this?
Also, anyone know of a good Linux disassembler? I 
want to reverse engineer the rootkit that the cracker
used on my machine. This little script doesn't have to
be hack-proof as it is really only meant to send out
an alarm when someone successfully breaks in. I'm just
wanting to give my script enough time to send out a call
for help, and maybe do a system shutdown. I figure if
I create my own watchdog, it is unlikely to be sniffed out
automatically by a rootkit.

Thanks,
 Brian

"Three OS's from corporate-kings in their towers of glass, 
Seven from valley-lords where orchards used to grow, 
Nine from dotcoms doomed to die, 
one from the dark lord Gates on his dark throne 
In the Land of Redmond where the Shadows lie. 
one OS to rule them all, one OS to find them, 
one OS to bring them all and in the darkness bind them, 
In the Land of Redmond where the Shadows lie."    john thrum



