[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#420621: mldonkey-server: Does not report usage of port 4000 correctly (chkrootkit related)

Package: mldonkey-server
Version: 2.8.1-2etch1
Severity: normal


it seems that Mldonkey does not report the use of port 4000 (telnet)
correctly, because chkrootkit reports it as "INFECTED", which should not
happen for a program in Debian, no?

Here is the report given by chkrootkit:

>From root@localhost.localdomain Mon Apr 23 07:08:56 2007
Envelope-to: root@localhost.localdomain
Delivery-date: Mon, 23 Apr 2007 07:08:56 +0200
From: root@localhost.localdomain (Cron Daemon)
To: root@localhost.localdomain
Subject: Cron <root@Papageno> test -x /usr/sbin/anacron || ( cd / &&
run-parts --report /etc/cron.daily )
Content-Type: text/plain; charset=ANSI_X3.4-1968
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <LOGNAME=root>
Date: Mon, 23 Apr 2007 07:08:56 +0200

The following suspicious files and directories were found:

And this is result of nmap
$ nmap localhost

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-04-23 17:21
Interesting ports on Papageno (
Not shown: 1669 closed ports
22/tcp    open  ssh
25/tcp    open  smtp
53/tcp    open  domain
80/tcp    open  http
111/tcp   open  rpcbind
113/tcp   open  auth
443/tcp   open  https
4000/tcp  open  remoteanything
6881/tcp  open  bittorent-tracker
9999/tcp  open  abyss
31416/tcp open  boinc-client

Nmap finished: 1 IP address (1 host up) scanned in 0.225 seconds

I will be happy to provide any help and logs needed. 



-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-k7
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)

Versions of packages mldonkey-server depends on:
ii  adduser                   3.102          Add and remove users and groups
ii  debconf [debconf-2.0]     1.5.11         Debian configuration management sy
ii  dpkg                      1.13.25        package maintenance system for Deb
ii  libbz2-1.0                1.0.3-6        high-quality block-sorting file co
ii  libc6                     2.3.6.ds1-13   GNU C Library: Shared libraries
ii  libgcc1                   1:4.1.1-21     GCC support library
ii  libgd2-noxpm              2.0.33-5.2     GD Graphics Library version 2 (wit
ii  libpng12-0                1.2.15~beta5-1 PNG library - runtime
ii  libstdc++6                4.1.1-21       The GNU Standard C++ Library v3
ii  mime-support              3.39-1         MIME files 'mime.types' & 'mailcap
ii  ucf                       2.0020         Update Configuration File: preserv
ii  zlib1g                    1:1.2.3-13     compression library - runtime

mldonkey-server recommends no packages.

-- debconf information:
* mldonkey-server/max_hard_download_rate: 0
* mldonkey-server/launch_at_startup: true
  mldonkey-server/max_alive: 48
  mldonkey-server/run_as_user: mldonkey
  mldonkey-server/reown_file: false
  mldonkey-server/mldonkey_group: mldonkey
  mldonkey-server/mldonkey_niceness: 0
* mldonkey-server/mldonkey_dir: /var/lib/mldonkey
  mldonkey-server/mldonkey_move: false
* mldonkey-server/max_hard_upload_rate: 0

Reply to: