[prev in list] [next in list] [prev in thread] [next in thread]
List: chkrootkit-users
Subject: Re: [crt-users] false bindshell (no portsentry)
From: Ralf Spenneberg <spenneb () spenneberg ! de>
Date: 2003-02-14 7:13:58
[Download RAW message or body]
Am Fre, 2003-02-14 um 07.40 schrieb Hamad AlJudai':
Hi
> when i was running chkrootkit on rh7.3 it gave me this:
>
> Checking `bindshell'... INFECTED (PORTS: 465)
> so its not a backdoor for sure, how can i avoid this in the next time?
Edit Line 202 in the chkrootkit skript and remove the 465.
Cheers,
Ralf
>
--
Ralf Spenneberg
UNIX/Linux Trainer and Consultant
Waldring 34 48565 Steinfurt Germany
Fon: +49(0)2552 638 755 Fax: +49(0)2552 638 757
Mobil: +49(0)177 567 27 40
Markt+Technik Buch: Intrusion Detection für Linux
Server
IPsec/PPTP Kernels for Red Hat Linux:
http://www.spenneberg.com/.net/.org/.de
Honeynet Project Mirror: http://honeynet.spenneberg.org
Snort Mirror: http://snort.spenneberg.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic