do_brk_exp is likely a local privelige escalation exploit of the do_brk vulnerability
that was identified in december. This exploit allows someone with local access to gain root level access (full system compromise). Suckit is a non-lkm rootkit
used to hide the presence of an intruder, including their processes and activities. Not sure what everything else is, but likely various modifed tools and daemons.
If do_brk was used to take over your system, I'd guess that your system was not fully patch and probably had multiple applications that were vulnerable to remote attack (there was a recent ssl vulnerability) which would allow a hacker/cracker to gain user level access and upload a number of tools, including the rootkit and do_brk exploit. From there root acccess could be gained by exploiting the do_brk hole. However, that's an educated guess based on the files you've listed. If you would like to learn more about how the actual exloitation occured, you'll need to boot the system with a cd-rom (or "live") distro and mount the drive with the compromised system as read-only. Then you can feel free to checkout the file system, logs, config files free of any obfuscation the rootkit might normally do. If you'd like to get the system backup and running, you can either image the compromised drive for analysis purposes or just replace the drive altogether.
The rootkit itself can technically be un-installed, however once your security has been compromised, it's fairly difficult to verify that the system is free of other backdoors/rootkits/tools. The only real option is to format and re-install from trusted media (not a backup). You can backup human readable files that you can visually verify are clean, but binaries should not be trusted. You can also chaeckout a number of docs on recovering from compromise in the LQ security references thread. You can also checkout info on the original version of suckit at phrack