Date: Sun, 30 Mar 2003 11:06:30 -0800 From: Erick Mechler <emechler@techometer.net> To: Mike Loiterman <mike@ascendency.net> Cc: freebsd-security@freebsd.org Subject: Re: Bindshell rootkit Message-ID: <20030330190630.GB651@techometer.net> In-Reply-To: <020801c2f519$62e27130$0301a8c0@mike> References: <020801c2f519$62e27130$0301a8c0@mike>
next in thread | previous in thread | raw e-mail | index | archive | help
:: Anyway, I killed it again this morning and restarted. The infect :: message went away immediately. :: :: Could this have been the problem? Could have been, but there's no way to be sure now. When you had the chance, 'lsof -i tcp:114' would have told you what process was bound to TCP/114. Cheers - Erick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030330190630.GB651>