I think that's fairly common (for RaQs to show 'bindshell', as being infected). I believe it has something to do with active monitor.
:D -- David Black http://theWaveCave.com Web Site design, hosting, and programming Custom multimedia, animation and graphics ---------- Original Message ----------- From: "Keith Medhurst" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sat, 3 Aug 2002 21:00:16 +0100 Subject: [cobalt-security] Chkrootkit > Hello, > > Hope this is the right place to mention this. I've just been running the > latest chkrootkit (.36?) and it gives the following message.. > > Checking `bindshell'... INFECTED (PORTS: 1524 31337) > > I cant seem to find anything on these ports using 'netstat' - Anyone with > any ideas, or what a bindshell is for it to become infected? > > Thanks in advance, > > Keith Medhurst > Gridstar Networking Int. > > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security ------- End of Original Message ------- _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
