Eu l-am instalat ,....dar acum imi dau seama ca face acelasi lucru pe toate
porturile bnecunoscute de trojeni si exploituri..
George
Stefan Laudat wrote:
> e, poata portsentry are vreun modul de fake BO.asta in caz ca l-ai
> instalat tu si nu altul. :)
> sau poate a incercat cineva BO si boul a facut bind pe portul ala.
> stiu ca portsentry e cam rau vazut de expertii in securitate.
>
> On Mon, Apr 02, 2001 at 02:45:13PM +0300, George Serban wrote:
> >
> > pai vad ca e portsentry ....:-))
> >
> > Stefan Laudat wrote:
> >
> > > netstat -auntp | grep 31337 si vezi care e procesul.
> > > sau instaleaza-ti o scula misto de genul lsof
> > >
> > > On Tue, Apr 24, 2001 at 01:10:42PM +0300, George Serban wrote:
> > > >
> > > > rootkitul meu imi detecteaza:
> > > >
> > > > Checking `bindshell'... INFECTED (PORTS: 31337)
> > > >
> > > > Desi masina nu are nici o alta urma de ceva neinregula
> > > >
> > > > [root@ns chkrootkit-0.31]# netstat -all | grep 31337
> > > > tcp 0 0 *:31337 *:*
> > > > LISTEN
> > > > udp 0 0 *:31337 *:*
> > > >
> > > > Ce spuneti despre asta ?? si ce pot sa fac?
> > > >
> > > > George
> > > >
> > > > ---
> > > > Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> > > > unsubscribe from this list.
> > > >
> > >
> > > --
> > > Stefan Laudat
> > > CCNA & CCAI
> > > -------------
> > > "I *know* it's 1 AM, but could you please change the root password?"
> > > ---
> > > Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> > > unsubscribe from this list.
> >
> > ---
> > Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> > unsubscribe from this list.
> >
>
> --
> Stefan Laudat
> CCNA & CCAI
> -------------
> "I *know* it's 1 AM, but could you please change the root password?"
> ---
> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> unsubscribe from this list.
---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
unsubscribe from this list.
