e, poata portsentry are vreun modul de fake BO.asta in caz ca l-ai
instalat tu si nu altul. :)
sau poate a incercat cineva BO si boul a facut bind pe portul ala.
stiu ca portsentry e cam rau vazut de expertii in securitate.
On Mon, Apr 02, 2001 at 02:45:13PM +0300, George Serban wrote:
>
> pai vad ca e portsentry ....:-))
>
> Stefan Laudat wrote:
>
> > netstat -auntp | grep 31337 si vezi care e procesul.
> > sau instaleaza-ti o scula misto de genul lsof
> >
> > On Tue, Apr 24, 2001 at 01:10:42PM +0300, George Serban wrote:
> > >
> > > rootkitul meu imi detecteaza:
> > >
> > > Checking `bindshell'... INFECTED (PORTS: 31337)
> > >
> > > Desi masina nu are nici o alta urma de ceva neinregula
> > >
> > > [root@ns chkrootkit-0.31]# netstat -all | grep 31337
> > > tcp 0 0 *:31337 *:*
> > > LISTEN
> > > udp 0 0 *:31337 *:*
> > >
> > > Ce spuneti despre asta ?? si ce pot sa fac?
> > >
> > > George
> > >
> > > ---
> > > Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> > > unsubscribe from this list.
> > >
> >
> > --
> > Stefan Laudat
> > CCNA & CCAI
> > -------------
> > "I *know* it's 1 AM, but could you please change the root password?"
> > ---
> > Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> > unsubscribe from this list.
>
> ---
> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> unsubscribe from this list.
>
--
Stefan Laudat
CCNA & CCAI
-------------
"I *know* it's 1 AM, but could you please change the root password?"
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
