[prev in list] [next in list] [prev in thread] [next in thread]
List: chkrootkit-users
Subject: Re[2]: [crt-users] Slapper found....but where is it?
From: Filbert <Filbert () pandora ! be>
Date: 2003-02-11 7:53:33
[Download RAW message or body]
Hello Hannu,
Tuesday, February 11, 2003, 8:34:01 AM, you wrote:
HK> Me too!
HK> I updated the openssl package before slapper came, and did not found any
HK> suspicious files. I'm quiet sure mine was a false positive. netstat -anp revealed that
HK> one smbd connection was on port 2015, which caused the alarm.
HK> I quess that the bindshell warning was similar. Seems like smbd causes false alarms
HK> quite easily..
Yes, in our case a radius daemon on UDP/1812 was causing the false
alarm.
Thanks to the group for the help.
--
Filbert mailto:Filbert@pandora.be
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic