Re: chkrootkit indicates infection

Top Page
This message is part of the following thread:
M++\the complete thread tree sorted by date
MMMMJosh Coffman at <-
.MMJosh Coffman at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: JD Austin
Date:  
To: Main PLUG discussion list
Subject: Re: chkrootkit indicates infection
Josh Coffman wrote:

>I just installed rkhunter and chkrootkit and ran them.
>chkrootkit gave me one infected message:
>
>Checking `bindshell'... INFECTED (PORTS: 4000)
>
>What can I do to find out more? I'm not sure if this
>message really means I have a problem or just
>something I need to investigate.
>
>btw, rkhunter seemed to say everything checks out.
>Just a couple things were in yellow text which I can't
>read against the white console background.
>
>-j
>
>
>        
>__________________________________
>Start your day with Yahoo! - Make it your home page!
>http://www.yahoo.com/r/hs
>---------------------------------------------------
>PLUG-discuss mailing list -
>To subscribe, unsubscribe, or to change you mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
Bindshell often comes up with false positives.
That may or may not be an issue.
Do you have mldonkey running? (saw reference to it on google).



--
JD Austin
Twin Geckos Technology Services LLC
email:
http://www.twingeckos.com
phone/fax: 480.288.8195

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: chkrootkit indicates infectionRe: Open Source vs. Commercial Software->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)