Hacked too?

I have run chkrootkit and get Checking `bindshell'... INFECTED (PORTS: 31337) What I need to do? Billy òÅËÌÁÍÁ: íÏÓËÏ×ÓËÁÑ ëÁÌÅÎÄÁÒÎÁÑ æÁÂÒÉËÁ - Ë×ÁÒÔÁÌØÎÙÅ ËÁÌÅÎÄÁÒÉ ÐÏ ÓÁÍÙÍ ÎÉÚËÉÍ ÃÅÎÁÍ. ôÅÌÅÆÏÎ: (8095)254-88-55 http://www.kalendar.r2.ru/ -- To UNSUBSCRIBE, email to

Re: Hacked too?

also sprach éÇÏÒØ âÁÌÕÓÏ× [EMAIL PROTECTED] [2002.01.11.2316 +0100]: I have run chkrootkit and get Checking `bindshell'... INFECTED (PORTS: 31337) What I need to do? reinstall. no, really! unless this is a non-productive system, in which case you are free to try to remove it. but once you

RE: Hacked too?

knocking on your door after they findout that your home PC has been banging on their network .. :P -Original Message- From: martin f krafft [mailto:[EMAIL PROTECTED]] Sent: January 11, 2002 2:34 PM To: [EMAIL PROTECTED] Subject: Re: Hacked too? also sprach éÇÏÒØ âÁÌÕÓÏ× [EMAIL

RE: Hacked too?

I have run chkrootkit and get Anyone have a d/l site for the deb package of this? Ed -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

RE: Hacked too?

What is mean: If you're running PortSentry/klaxon or another program that binds itself to unused ports probably chkrootkit will give you a false positive on the bindshell test (ports .. 31336/tcp, 31337/tcp ...).? It is from http://www.chkrootkit.org/ My PC is really hacked or no? How I can

RE: Hacked too?

On Fri, 2002-01-11 at 17:49, Igor Balusov wrote: What is mean: If you're running PortSentry/klaxon or another program that binds itself to unused ports probably chkrootkit will give you a false positive on the bindshell test (ports .. 31336/tcp, 31337/tcp ...).? It is from

RE: Hacked too?

(2002-01-12) Igor Balusov sed : | What is mean: | If you're running PortSentry/klaxon or another program that binds itself to | unused ports probably chkrootkit will give you a false positive on the | bindshell test (ports .. 31336/tcp, 31337/tcp ...).? | It is from

RE: Hacked too?

Thanks Stephen, I have run the netstat -anp The result is: 0.0.0.0:31337 0.0.0.0:*1687/fakebo Really I have installed fakebo. It is usefull. Very often anybody try to find on my PC backdoors. It help me to discover theirs. Billy òÅËÌÁÍÁ: íÏÓËÏ×ÓËÁÑ ëÁÌÅÎÄÁÒÎÁÑ æÁÂÒÉËÁ -

Re: Hacked too?

Sorry but could someone please summerize what the Hacked too? thread is about? someone used a script, which should detect rootkits and it said it found one, although there is probably none. it seems just to check whether a certain port is open. just ignore the thread ;) bye Ralf

Re: Hacked too?

Hi Ed, On Fri, Jan 11, 2002 at 05:46:58PM -0500, Ed Street wrote: I have run chkrootkit and get Anyone have a d/l site for the deb package of this? apt-get install chkrootkit Uwe. -- Uwe Hermann [EMAIL PROTECTED] [EMAIL PROTECTED] | Unmaintained Free Software:

Hacked too?

I have run chkrootkit and get Checking `bindshell'... INFECTED (PORTS: 31337) What I need to do? Billy Реклама: Московская Календарная Фабрика - квартальные календари по самым низким ценам. Телефон: (8095)254-88-55 http://www.kalendar.r2.ru/

Re: Hacked too?

also sprach éÇÏÒØ âÁÌÕÓÏ× [EMAIL PROTECTED] [2002.01.11.2316 +0100]: I have run chkrootkit and get Checking `bindshell'... INFECTED (PORTS: 31337) What I need to do? reinstall. no, really! unless this is a non-productive system, in which case you are free to try to remove it. but once you

RE: Hacked too?

knocking on your door after they findout that your home PC has been banging on their network .. :P -Original Message- From: martin f krafft [mailto:[EMAIL PROTECTED] Sent: January 11, 2002 2:34 PM To: debian-security@lists.debian.org Subject: Re: Hacked too? also sprach éÇÏÒØ

RE: Hacked too?

I have run chkrootkit and get Anyone have a d/l site for the deb package of this? Ed

RE: Hacked too?

What is mean: If you're running PortSentry/klaxon or another program that binds itself to unused ports probably chkrootkit will give you a false positive on the bindshell test (ports .. 31336/tcp, 31337/tcp ...).? It is from http://www.chkrootkit.org/ My PC is really hacked or no? How I can

RE: Hacked too?

On Fri, 2002-01-11 at 17:49, Igor Balusov wrote: What is mean: If you're running PortSentry/klaxon or another program that binds itself to unused ports probably chkrootkit will give you a false positive on the bindshell test (ports .. 31336/tcp, 31337/tcp ...).? It is from

RE: Hacked too?

(2002-01-12) Igor Balusov sed : | What is mean: | If you're running PortSentry/klaxon or another program that binds itself to | unused ports probably chkrootkit will give you a false positive on the | bindshell test (ports .. 31336/tcp, 31337/tcp ...).? | It is from

RE: Hacked too?

Thanks Stephen, I have run the netstat -anp The result is: 0.0.0.0:31337 0.0.0.0:*1687/fakebo Really I have installed fakebo. It is usefull. Very often anybody try to find on my PC backdoors. It help me to discover theirs. Billy Реклама: Московская Календарная Фабрика -

Re: Hacked too?

Sorry but could someone please summerize what the Hacked too? thread is about? someone used a script, which should detect rootkits and it said it found one, although there is probably none. it seems just to check whether a certain port is open. just ignore the thread ;) bye Ralf

Re: Hacked too?

Hi Ed, On Fri, Jan 11, 2002 at 05:46:58PM -0500, Ed Street wrote: I have run chkrootkit and get Anyone have a d/l site for the deb package of this? apt-get install chkrootkit Uwe. -- Uwe Hermann [EMAIL PROTECTED] [EMAIL PROTECTED] | Unmaintained Free Software:

RE: Hacked too?

Sorry but could someone please summerize what the Hacked too? thread is about? just got back into town and not making sense of the thread that i read in the archives Thankx