chkrootkit

Paul Schmehl pauls at utdallas.edu
Mon Oct 17 12:22:59 PDT 2005


Out of curiosity more than anything else, I installed chkrootkit on a 
server I maintain and ran it.  It returned this:

Checking `bindshell'... INFECTED (PORTS:  465)

I'm running smtps on that server, so this is apparently a false positive. 
Has anyone else seen this?

Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/ir/security/


More information about the freebsd-questions mailing list