Hello,
Since Dec 2nd, the rkhunter on my server Ubuntu 8.04 started reporting several warnings here they are:
Code:
Warning: Network TCP port 1524 is being used by /usr/sbin/portsentry. Possible rootkit: Possible FreeBSD (FBRK) Rootkit backdoor
Use the 'lsof -i' or 'netstat -an' command to check this.
Warning: Network TCP port 6667 is being used by /usr/sbin/portsentry. Possible rootkit: Possible rogue IRC bot
Use the 'lsof -i' or 'netstat -an' command to check this.
Warning: Network TCP port 31337 is being used by /usr/sbin/portsentry. Possible rootkit: Historical backdoor port
Use the 'lsof -i' or 'netstat -an' command to check this.
Warning: Application 'gpg', version '1.4.9', is out of date, and possibly a security risk.
Warning: Application 'openssl', version '0.9.8g', is out of date, and possibly a security risk.
Warning: Application 'php', version '5.2.6', is out of date, and possibly a security risk.
Warning: Application 'sshd', version '5.1p1', is out of date, and possibly a security risk.
Is this something I should worry about or is just rkhunter being overzealous?
Thank you,
-D
Bookmarks