Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)
From: Vincent Lefevre (vincent_at_vinc17.org)
Date: 03/19/05
- Previous message: Rakotomandimby (R12y) Mihamina: "Re: Kernel 2.4.18-bf24"
- In reply to: Matthijs: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Next in thread: Pigeon: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Reply: Pigeon: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 19 Mar 2005 23:37:43 +0100 To: debian-user@lists.debian.org
On 2005-03-19 18:31:03 +0100, Matthijs wrote:
> On Sat, 19 Mar 2005 13:30:16 +0100, Vincent Lefevre
> <vincent@vinc17.org> wrote:
> > COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
> > rpc.statd 1696 root 5u IPv4 1909 UDP *:600
>
> On my system:
> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
> mlnet 2065 mldonkey 27u IPv4 4827 TCP *:4000 (LISTEN)
>
> ... yes, I've got mldonkey running, might be on port 4000, but what's
> that got to do with bindshell? Should I worry?
In my case, I don't even know why rpc.statd listens on port 600.
-- Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/> Work: CR INRIA - computer arithmetic / SPACES project at LORIA -- To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Rakotomandimby (R12y) Mihamina: "Re: Kernel 2.4.18-bf24"
- In reply to: Matthijs: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Next in thread: Pigeon: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Reply: Pigeon: "Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
