[Centos] Think someone has got into my server...

Tue Jan 11 13:56:25 UTC 2005
Ho Chaw Ming <chawming at pacific.net.sg>

Are you running PortSentry? If you are, that may give you a false positive
on Port 465.  

-----Original Message-----
From: centos-bounces at caosity.org [mailto:centos-bounces at caosity.org] On
Behalf Of WipeOut
Sent: 11 January 2005 18:19
To: CentOS discussion and information list
Subject: [Centos] Think someone has got into my server...

I have just run chkrootkit on my server and have the following two
suspicious entries..

Searching for suspicious files and dirs, it may take a while...

and further down..

Checking `bindshell'... INFECTED (PORTS:  465)

Anyone have any advice for getting rid of it??


CentOS mailing list
CentOS at caosity.org