Are you running PortSentry? If you are, that may give you a false positive on Port 465.
-----Original Message----- From: centos-bounces@caosity.org [mailto:centos-bounces@caosity.org] On Behalf Of WipeOut Sent: 11 January 2005 18:19 To: CentOS discussion and information list Subject: [Centos] Think someone has got into my server...
I have just run chkrootkit on my server and have the following two suspicious entries..
Searching for suspicious files and dirs, it may take a while... /usr/lib/perl5/5.8.0/i386-linux-thread-multi/.packlist
and further down..
Checking `bindshell'... INFECTED (PORTS: 465)
Anyone have any advice for getting rid of it??
Later..
_______________________________________________ CentOS mailing list CentOS@caosity.org http://lists.caosity.org/mailman/listinfo/centos