Help - Search - Members - Calendar
Full Version: Help Whit Rootkit Removal!
Linuxhelp > Support > Technical Support
hi, i am kinda newbie in unix and i jsut rented a dedicated server and i whant to keep it clean of rootkits and exploits and stuuf like this. I chked it whi CHKROOTKIT and i says that the bindshell is infected, but i dont know what to do next: "Checking `asp'... not infected
Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... Checking `rexedcs'... not found"
If you could helpe me please whit some adiveces (for newbie...not advenced, step by step) i would pe very greatfull and also some tips for keeping the server clean of this stuff would be great to.

Thank you very much in advance!
Rent, you say. Then you're not the owner of the box. So maybe the CO is watching you.
There is a program called portSentry/klaxon that can cause false positives with that test ... as can many other things.

Here is a reference:

If your linux box has the command lsof, issue this command to see what program is listening on which ports:

lsof -i -T | less
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2018 Invision Power Services, Inc.