RE: Have I been kitted?

From: Matthew Thompson (matthew.thompson@lrfairplay.com)
Date: 06/12/02


From: Matthew Thompson <matthew.thompson@lrfairplay.com>
To: "'Terry Browning'" <terry@nihil.demon.co.uk>, "'focus-linux@securityfocus.com'" <focus-linux@securityfocus.com>
Date: Wed, 12 Jun 2002 09:07:33 +0100


> Maybe it's my paranoia, but I've been adding a few tools to my system
> recently, and I've had a small panic as a result.
>
> Using chkrootkit:
>
> 10000/tcp open unknown

10000 is the port used by default for Webmin - try http://localhost:10000 or
https://localhost:10000 from the machine itself if you've never used webmin
before.

Webmin is pretty secure but there are a few holes found in it in the past.

M@t :o) ~ndisc