If I am looking for a virus/spyware under Linux, where should I look to find it?
I suspect I am the target of very skilled hackers. 5 or 6 years ago I found spyware on my Linux box: it was an LKM masked as the ppp_deflate module, with the MD5 hash hijacked. I mean it had the same MD5 hash as the original ppp_deflate. So my question is not "please advise me on some kind of antirootkit tool", nor "please give me some kind of malware for Linux". I tried different kinds of antirootkit tools, but none of them worked. My question is: I suspect I have spyware on my Linux box, so where should I look to find it? Kernel? LKM? libc? Binary? initrd? GNOME limited process? So it's a kind of forensics question. Thanks.