11 Jan
2005
11 Jan
'05
11:19 a.m.
I have just run chkrootkit on my server and have the following two suspicious entries..
Searching for suspicious files and dirs, it may take a while... /usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist
and further down..
Checking `bindshell'... INFECTED (PORTS: 465)
Anyone have any advice for getting rid of it??
Later..