--- Josh Coffman <josh_coffman@yahoo.com> wrote:

> I just installed rkhunter and chkrootkit and ran
> them.
> chkrootkit gave me one infected message:
> 
> Checking `bindshell'... INFECTED (PORTS:  4000)
> 
> What can I do to find out more? I'm not sure if this
> message really means I have a problem or just
> something I need to investigate.
> 
> btw, rkhunter seemed to say everything checks out.
> Just a couple things were in yellow text which I
> can't
> read against the white console background.
> 
> -j
> 
changed the console colors and tried rkhunter again..
rkhunter did give me this:

* Filesystem checks
   Checking /dev for suspicious files...              
       [ OK ]
   Scanning for hidden files...                       
       [ Warning! ]
---------------
 /dev/.udevdb  /usr/share/man/man1/..1.gz  /etc/.java
/etc/.pwd.lock
---------------
Please inspect:  /dev/.udevdb (directory)  /etc/.java
(directory)



	
		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change  you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss