Re: chkrootkit: Checking `bindshell'... INFECTED (PORTS: 600)
On 2005-03-19 18:31:03 +0100, Matthijs wrote:
> On Sat, 19 Mar 2005 13:30:16 +0100, Vincent Lefevre
> <vincent@vinc17.org> wrote:
> > COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
> > rpc.statd 1696 root 5u IPv4 1909 UDP *:600
>
> On my system:
> COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
> mlnet 2065 mldonkey 27u IPv4 4827 TCP *:4000 (LISTEN)
>
> ... yes, I've got mldonkey running, might be on port 4000, but what's
> that got to do with bindshell? Should I worry?
In my case, I don't even know why rpc.statd listens on port 600.
--
Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / SPACES project at LORIA
Reply to: