Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )

Advanced DNS Management
New ZoneEdit. New Managment.


Sign Up Now
Reply to this topicStart new topic
> Help Whit Rootkit Removal!, i need help really!
post Jan 21 2004, 02:47 PM
Post #1

Whats this Lie-nix Thing?

Group: Members
Posts: 1
Joined: 21-January 04
Member No.: 2,197

hi, i am kinda newbie in unix and i jsut rented a dedicated server and i whant to keep it clean of rootkits and exploits and stuuf like this. I chked it whi CHKROOTKIT and i says that the bindshell is infected, but i dont know what to do next: "Checking `asp'... not infected
Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... Checking `rexedcs'... not found"
If you could helpe me please whit some adiveces (for newbie...not advenced, step by step) i would pe very greatfull and also some tips for keeping the server clean of this stuff would be great to.

Thank you very much in advance!
Go to the top of the page
+Quote Post
post Jan 22 2004, 08:20 PM
Post #2


Group: Members
Posts: 98
Joined: 1-April 03
Member No.: 613

Rent, you say. Then you're not the owner of the box. So maybe the CO is watching you.

Go to the top of the page
+Quote Post
post Jan 22 2004, 09:46 PM
Post #3

Its GNU/

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151

There is a program called portSentry/klaxon that can cause false positives with that test ... as can many other things.

Here is a reference:

If your linux box has the command lsof, issue this command to see what program is listening on which ports:

lsof -i -T | less

Johnny Hughes
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:


RSS Lo-Fi Version Time is now: 19th July 2018 - 06:18 AM