From: [email protected]

Package: chkrootkit
Version: 0.43-1
Severity: minor


margot:~# chkrootkit -q
INFECTED (PORTS: 465)
margot:~# netstat -ap |grep 465
margot:~# telnet localhost 465
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
^]
telnet> close
Connection closed.
margot:~# grep 465 /etc/services
ssmtp 465/tcp smtps # SMTP over SSL
margot:~# grep ssmtp /etc/inetd.conf
ssmtp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/sslwrap \
-cert /etc/sslwrap/mail.pem -addr 127.0.0.1 -port 25

I double-checked with 'openssl s_client', and it's a legitimate
SMTP-over-SSL service running on port 465.

-- System Information:
Debian Release: 3.0
APT prefers unstable
APT policy: (80, 'unstable'), (50, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=en_CA, LC_CTYPE=en_CA

Versions of packages chkrootkit depends on:
ii binutils 2.12.90.0.1-4 The GNU assembler, linker and bina ii libc6 2.3.2.ds1-13 GNU C Library: Shared libraries an ii net-tools 1.60-4 The NET-3 networking toolkit

-- no debconf information


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)