I would think Oracle would take the initiative to start providing tools to detect and remove this type of thing, but I suspect we won't see that until a large public incident of infection or data compromise. Have not looked at the list of Hotsos 2006 topics yet, wonder if any will be dealing with this type of thing. -- //www.freelists.org/webpage/oracle-l