chkrootkit: strange result...!!!
Hamish
lists at subvs.co.uk
Fri Dec 2 12:58:26 CET 2005
On Thursday 01 December 2005 15:36, Markus Heller wrote:
> Hi guys,
>
> can you please check if you get this, too? I got the following warning when
> I ran "chkrootkit":
>
> Checking `bindshell'... INFECTED (PORTS: 465)
>
> There's my kolab postfix on this port. It is recognized as a port which is
> infected by a rootkit. I got it on two different machines and I don't
> believe that both my kolabs are infected.
>
> Regards,
> Markus
Hi Markus
This is a false positive, and not specific to kolab. Nothing to worry about.
It is the port for smtps.
grep 465 /etc/services
smtps 465/tcp # SMTP over SSL (TLS)
Have a google, there are a couple of hits for it.
Hope that helps,
H
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/users/attachments/20051202/519ba4e9/attachment.sig>
More information about the users
mailing list