Prev-20 Home Next-20 1 msg Re: Error in debian package dia 6 msg Decent iptables script for bridging? 1 msg Re: [SECURITY] [DSA 1073-1] New MySQL 4.1 packa... 2 msg can not connect to sshd 1 msg Remote exploit in Cyrus IMAPd's pop3d (not for ... 1 msg Re: [SECURITY] [DSA 1071-1] New MySQL 3.23 pack... 23 msg Request for comments: iptables script for use o... 4 msg Re: [SECURITY] [DSA 1069-1] New Linux kernel 2.... 1 msg Re: [Pkg-dia-team] Bug#368202: dia: CVE-2006-24... 2 msg Re: [SECURITY] [DSA 1059-1] New quagga packages... 1 msg Re: [SECURITY] [DSA 1058-1] New awstats package... 4 msg password minimum days problem INFECTED (PORTS: 600) \ Morgan Walker (18 May 2006) . \ Lee Braiden (18 May 2006) . \ Michael Loftis (19 May 2006) . . \ Vincent Deffontaines (19 May 2006) . \ Jose Marrero (19 May 2006) 16 msg How to prevent daemons from ever being started? 1 msg Re: [SECURITY] [DSA 1055-1] New Mozilla Firefox... 3 msg Re: [SECURITY] [DSA 1054-1] New TIFF packages f... 2 msg Re: [SECURITY] [DSA 1053-1] New Mozilla package... 5 msg Debian bind DNS 13 msg masking out invalid root logins with logcheck? 2 msg Andreas Paffrath/face2net/A-B ist außer Haus. Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security May-2006 Next-Thread Next-Msg Subject: INFECTED (PORTS: 600) Group: Debian-security From: Morgan Walker Date: 18 May 2006 Hey guys, Just new to this mailing list, hope you guys can help me out. I was testing out the chkrootkit package on one of my debian boxes. After running 'chkrootkit -q' I received the following output: INFECTED (PORTS: 600) I looked further into and narrowed down to this. 'netstat -naptu | grep 600' gave me the following ouput: udp 0 0 0.0.0.0:600 0.0.0.0:* 2120/rpc.statd I have searched around on other mailing lists and forums, but could never really get a definitive answer. Is this a common message for chkrootkit, should I be worried? Any help would be great, thanks in advance. ~Morgan Morgan Walker Systems Administrator/Engineer M*CAM, Inc. Omni Business Center 210 Ridge-McIntire Rd., Suite 300 Charlottesville, VA 22903 434.979.7240 x311 http://www.m-cam.com <http://www.m-cam.com> ========================================================= This message, including any attachments, is intended solely for the use of the named recipient(s) and may contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution of this communication(s) is expressly prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy any and all copies of the original message. Thank you. ========================================================= Prev-Msg Prev-Thread Debian-security May-2006 Next-Thread Next-Msg

© 2004-2008 readlist.com