Do a search on google for chkrootkit, it is a script you can run with the command ./chkrootkit and it scans your sytem for vulnerabilities. Spyware is generally known to try to make file changes; therefore it reports back on whether things have been altered. Also nmap is a good one to run on your local system, but I understand it is a serious hacking tool and not one that you want to run over the internet unless you want to get a knock on your door. It is not really spyware specific, but will let you know if you have ports that are open (kinda related though donchathink). LOL To run it at home you would just do # nmap -p 1-65535 localhost and it will scan your ports. If you are like me you should come back with about five standard ones open, and also one in the 32,000 range that Red Hat/Fedora uses for something (forgot). Between the two apps, that is at least a start. From what I understand it is possible that some new malware/spyware/whatever, could possibly be loaded as a module straight into the kernel! I am not sure that this is true -- I haven't had any huge problems with compromised Linux boxes, but I sure don't want to find out. Later Marc On Wed, 02 Feb 2005 09:21:52 -0800, Tim Alberts <talberts@xxxxxxxxxxxxx> wrote: > Is Linux vulnerable to SpyWare and if so, what are some tools to deal > with it? Any specific SpyWare tools, I don't mean hacking into iptables > manually. > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list >
