Hi, I do run Portsentry on this server but have done that for a long time, and never got that message before when running Chkrootkit.If this is Portsentery it should have been giving that messagelong time ago at once it was innstalled? And Chrootkit allso point out port 1524. But i tell you all what i find when finishing the metod i got from Michael.
Kai > Emne: Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337) > > > Hi Brian, > > > Port 31337 is likely just a false positive from Portsentry > > I'm not so sure. When Chkrootkit says "bindshell", then this info > is pretty > accurate. Chkrootkit never complains about Portsentry. > > However, port 31337 is usually associated with Back Orifice which will of > course not run on a Linux box. > > -- > > With best regards, > > Michael Stauber > [EMAIL PROTECTED] > Unix/Linux Support Engineer > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security > _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
