chkrootkit indicates infection
JD Austin
jd at twingeckos.com
Mon Oct 24 10:30:29 MST 2005
Josh Coffman wrote:
>I just installed rkhunter and chkrootkit and ran them.
>chkrootkit gave me one infected message:
>
>Checking `bindshell'... INFECTED (PORTS: 4000)
>
>What can I do to find out more? I'm not sure if this
>message really means I have a problem or just
>something I need to investigate.
>
>btw, rkhunter seemed to say everything checks out.
>Just a couple things were in yellow text which I can't
>read against the white console background.
>
>-j
>
>
>
>__________________________________
>Start your day with Yahoo! - Make it your home page!
>http://www.yahoo.com/r/hs
>---------------------------------------------------
>PLUG-discuss mailing list - PLUG-discuss at lists.plug.phoenix.az.us
>To subscribe, unsubscribe, or to change you mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
>
Bindshell often comes up with false positives.
That may or may not be an issue.
Do you have mldonkey running? (saw reference to it on google).
--
JD Austin
Twin Geckos Technology Services LLC
email: jd at twingeckos.com
http://www.twingeckos.com
phone/fax: 480.288.8195
More information about the PLUG-discuss
mailing list