Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 29 Oct 2004 13:41:45 -0400
From:      "hutchens" <david.hutchens@drs-sss.com>
To:        <cordeiro@nic.br>
Cc:        ports@FreeBSD.org
Subject:   RE:BindShell False Positives FBSD-4.10.p3
Message-ID:  <D3E7D4B9902BD6119C3B0002B395D1AE02A5DE64@voodoo.drs-sss.com>

next in thread | raw e-mail | index | archive | help
Afternoon;

Here's sample output from netstat -an when Chkrootkit Reports a Bindshell
Infection on port 114:

Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)


             *.*                    LISTEN
udp4       0      0  127.0.0.1.4701         127.0.0.1.123
udp4     114      0  *.1355                 *.*



Sincerely;

David Hutchens III
Network Technician
DRS Surveillance Support Systems - A division of DRS Technologies.
(727) 541-6681 ext.3313
david.hutchens@drs-sss.com <mailto:david.hutchens@drs-sss.com>






Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D3E7D4B9902BD6119C3B0002B395D1AE02A5DE64>