Hello chkrootkit is certainly very "trigger-happy" but IMHO this is a feature not a bug. Quoting the README.FALSE-POSITIVES file included with the package:
"bindshell listens on a lot of ports. these ports are also used by other legitimate programs. chkrootkit's detection algorithm cannot determine the difference between a legitimate program and bindshell." IMHO, the best solution is tweaking the report in order to avoid such message when you *really* know this is a false positive and you already investigated it. If you want to discuss it, please go ahead. If not i will close this bug in a few days. Greetings, Marcos
