Security Basics mailing list archives
Chkrootkit finds bindshell
From: "Phil Cryer" <phil () cryer us>
Date: Mon, 22 Aug 2005 09:58:00 -0500
On: [root@pepe /usr/local/www/data]# uname -a FreeBSD pepe.cryer.us 6.0-CURRENT-SNAP004 FreeBSD 6.0-CURRENT-SNAP004 #0: Thu Jun 2 06:12:51 UTC 2005 root () wv1u samsco home:/usr/obj/usr/src/sys/GENERIC i386 chkrootkit found: Checking `bindshell'... INFECTED (PORTS: 465) Googling finds that it's often a 'false positive'. What is the concensus from this group? What should be done? P "You teach best what you most need to learn." - Richard Bach
Current thread:
- Chkrootkit finds bindshell Phil Cryer (Aug 23)
- <Possible follow-ups>
- RE: Chkrootkit finds bindshell Keith Bucher (Aug 23)
- Re: Chkrootkit finds bindshell Esteban B. (Aug 24)
- Re: Chkrootkit finds bindshell Phil Cryer (Aug 23)