[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)

Subject: Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Mon, 10 Dec 2001 23:01:08 +0100
Organization: Stauber Multimedia Design
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Brian,

> Port 31337 is likely just a false positive from Portsentry

I'm not so sure. When Chkrootkit says "bindshell", then this info is pretty 
accurate. Chkrootkit never complains about Portsentry.

However, port 31337 is usually associated with Back Orifice which will of 
course not run on a Linux box.

-- 

With best regards,

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

Follow-Ups:
- SV: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
  - From: Kai r. s., euroweb as
- Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
  - From: Brian Rahill

References:
- [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
  - From: Kai r. s., euroweb as
- Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
  - From: Brian Rahill

Prev by Date: Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
Next by Date: SV: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
Previous by thread: Re: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)
Next by thread: SV: [cobalt-security] bindshell'... INFECTED (PORTS: 1524 31337)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index