Searching for rootedoor... nothing found
Searching for anomalies in shell history files... Warning: `//root/.mysql_history' file size is zero
Checking `asp'... not infected
Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... chkproc: nothing detected
Checking `rexedcs'... not found
Above is a part of chkrootkit report i receive everyday,today seem something is wrong as bindshell is INFECTED.Any suggestion what should i do in this case?
Thank you for all help
If you're running PortSentry/klaxon or another program that binds itself to unused ports probably chkrootkit will give you a false positive on the bindshell test (ports 114/tcp, 465/tcp, 511/tcp, 1008/tcp, 1524/tcp, 1999/tcp, 3879/tcp, 4369/tcp, 5665/tcp, 10008/tcp, 12321/tcp, 23132/tcp, 27374/tcp, 29364/tcp, 31336/tcp, 31337/tcp, 45454/tcp, 47017/tcp, 47889/tcp, 60001/tcp).