Bug#420621: mldonkey-server: Does not report usage of port 4000 correctly (chkrootkit related)
Package: mldonkey-server
Version: 2.8.1-2etch1
Severity: normal
Hi,
it seems that Mldonkey does not report the use of port 4000 (telnet)
correctly, because chkrootkit reports it as "INFECTED", which should not
happen for a program in Debian, no?
Here is the report given by chkrootkit:
----------
>From root@localhost.localdomain Mon Apr 23 07:08:56 2007
Envelope-to: root@localhost.localdomain
Delivery-date: Mon, 23 Apr 2007 07:08:56 +0200
From: root@localhost.localdomain (Cron Daemon)
To: root@localhost.localdomain
Subject: Cron <root@Papageno> test -x /usr/sbin/anacron || ( cd / &&
run-parts --report /etc/cron.daily )
Content-Type: text/plain; charset=ANSI_X3.4-1968
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env:
<PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <LOGNAME=root>
Date: Mon, 23 Apr 2007 07:08:56 +0200
/etc/cron.daily/chkrootkit:
The following suspicious files and directories were found:
(...)
INFECTED (PORTS: 4000)
--------
And this is result of nmap
--------
$ nmap localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2007-04-23 17:21
CEST
Interesting ports on Papageno (127.0.0.1):
Not shown: 1669 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
113/tcp open auth
443/tcp open https
4000/tcp open remoteanything
6881/tcp open bittorent-tracker
9999/tcp open abyss
31416/tcp open boinc-client
Nmap finished: 1 IP address (1 host up) scanned in 0.225 seconds
----------
I will be happy to provide any help and logs needed.
Regards,
Didier
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-k7
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)
Versions of packages mldonkey-server depends on:
ii adduser 3.102 Add and remove users and groups
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
ii dpkg 1.13.25 package maintenance system for Deb
ii libbz2-1.0 1.0.3-6 high-quality block-sorting file co
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libgcc1 1:4.1.1-21 GCC support library
ii libgd2-noxpm 2.0.33-5.2 GD Graphics Library version 2 (wit
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libstdc++6 4.1.1-21 The GNU Standard C++ Library v3
ii mime-support 3.39-1 MIME files 'mime.types' & 'mailcap
ii ucf 2.0020 Update Configuration File: preserv
ii zlib1g 1:1.2.3-13 compression library - runtime
mldonkey-server recommends no packages.
-- debconf information:
* mldonkey-server/max_hard_download_rate: 0
* mldonkey-server/launch_at_startup: true
mldonkey-server/max_alive: 48
mldonkey-server/run_as_user: mldonkey
mldonkey-server/reown_file: false
mldonkey-server/mldonkey_group: mldonkey
mldonkey-server/mldonkey_niceness: 0
mldonkey-server/false_password:
mldonkey-server/fasttrack_problem:
* mldonkey-server/mldonkey_dir: /var/lib/mldonkey
mldonkey-server/mldonkey_move: false
* mldonkey-server/max_hard_upload_rate: 0
Reply to: