Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)
From: Matthijs (vanaalten_at_hotmail.com)
Date: 03/19/05
- Previous message: Ritesh Raj Sarraf: "Re: cron and anacron"
- In reply to: Vincent Lefevre: "chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Next in thread: Vincent Lefevre: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Reply: Vincent Lefevre: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 19 Mar 2005 18:31:03 +0100 To: debian-user@lists.debian.org
On Sat, 19 Mar 2005 13:30:16 +0100, Vincent Lefevre
<vincent@vinc17.org> wrote:
> When running chkrootkit on some machine, I get:
>
> Checking `bindshell'... INFECTED (PORTS: 600)
Same here, but then on port 4000.
> "netstat -a" says:
>
> udp 0 0 *:600 *:*
>
> "lsof -i:600" says:
>
> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
> rpc.statd 1696 root 5u IPv4 1909 UDP *:600
On my system:
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
mlnet 2065 mldonkey 27u IPv4 4827 TCP *:4000 (LISTEN)
... yes, I've got mldonkey running, might be on port 4000, but what's
that got to do with bindshell? Should I worry?
> What's wrong?
Don't know, but would like to know...
-- Matthijs vanaalten@hotmail.com -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Ritesh Raj Sarraf: "Re: cron and anacron"
- In reply to: Vincent Lefevre: "chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Next in thread: Vincent Lefevre: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Reply: Vincent Lefevre: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
