[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Chkrootkit

Subject: Re: [cobalt-security] Chkrootkit
From: "David Black" <DavidBlack@xxxxxxxxxxxxxxx>
Date: Sat, 3 Aug 2002 15:07:11 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I think that's fairly common (for RaQs to show 
'bindshell', as being infected). I believe it has 
something to do with active monitor.

:D
--
David Black
http://theWaveCave.com
Web Site design, hosting, and programming
Custom multimedia, animation and graphics


---------- Original Message -----------
From: "Keith Medhurst" <keith@xxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Sat, 3 Aug 2002 21:00:16 +0100
Subject: [cobalt-security] Chkrootkit

> Hello,
> 
> Hope this is the right place to mention this. I've just been running the
> latest chkrootkit (.36?) and it gives the following message..
> 
> Checking `bindshell'... INFECTED (PORTS:  1524 31337)
> 
> I cant seem to find anything on these ports using 'netstat' - Anyone with
> any ideas, or what a bindshell is for it to become infected?
> 
> Thanks in advance,
> 
> Keith Medhurst
> Gridstar Networking Int.
> 
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
------- End of Original Message -------

References:
- Re: [cobalt-security] new openssl vulnerabilities
  - From: Christopher Ringe
- [cobalt-security] Chkrootkit
  - From: Keith Medhurst

Prev by Date: [cobalt-security] Chkrootkit
Next by Date: Re: [cobalt-security] Chkrootkit
Previous by thread: [cobalt-security] Chkrootkit
Next by thread: Re: [cobalt-security] Chkrootkit

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index