Peter Thomassen <[EMAIL PROTECTED]> writes: > Package: chkrootkit > Version: 0.45-1 > > If the Erlang portmapper daemon (epmd) included in erlang-base is running, > chkrootkit reports: > > | Checking `bindshell'... INFECTED (PORTS: 4369) > > This is wrong, please fix this. > > For reference, using erlang-base 1:10.b.1a-2.2 from unstable, epmd is located > at /usr/lib/erlang/erts-5.4.2.1/bin/epmd.
thanks for the report. bindshell listens on port 4369. chkrootkit bases it's checks simply on whether the port is being listened on. this is the design that upstream prefers, so this will not be fixed (any time soon). i've listed erlang-base in the README.FALSE-POSITIVES file. -l
pgpjAIza6q5xF.pgp
Description: PGP signature
