BindShell False Positives FBSD-4.10.p3
hutchens
david.hutchens at drs-sss.com
Fri Oct 29 10:41:52 PDT 2004
Afternoon;
Here's sample output from netstat -an when Chkrootkit Reports a Bindshell
Infection on port 114:
Proto Recv-Q Send-Q Local Address Foreign Address (state)
*.* LISTEN
udp4 0 0 127.0.0.1.4701 127.0.0.1.123
udp4 114 0 *.1355 *.*
Sincerely;
David Hutchens III
Network Technician
DRS Surveillance Support Systems - A division of DRS Technologies.
(727) 541-6681 ext.3313
david.hutchens at drs-sss.com <mailto:david.hutchens at drs-sss.com>
More information about the freebsd-ports
mailing list