(2002-01-12) Igor Balusov sed : | What is mean: | "If you're running PortSentry/klaxon or another program that binds itself to | unused ports probably chkrootkit will give you a false positive on the | bindshell test (ports .. 31336/tcp, 31337/tcp ...)."? | It is from http://www.chkrootkit.org/ | My PC is really hacked or no? How I can determine it? | When I run "netstat -an" I get | "udp 0 0 0.0.0.0:31337 0.0.0.0:*" | How I can stop this? | Billy
fuser -n udp 31337 will give you the PID of the process lsitening on the port 31337. The with ps you will be able to discover the process hiding behind. Otherwise, lsof is too your friend :) -- VALLIET Emmanuel Webmotion Inc. (-> http://www.webmotion.com <-) Bored? Drive the speed limit... in your garage.
