LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page subseven opening ports
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-14-2004, 08:04 AM   #1
saag
LQ Newbie
 
Registered: Mar 2004
Location: thailand
Distribution: red 8
Posts: 15

Rep: Reputation: 0
subseven opening ports

Can someone please help on removal of this thing. it has opened two ports. one stealth and one on 1234. i shut down the ports, but am concerned about it on my linux os. it came from 130.remotehosting.net. a us watcher. 208 address. I would look at removal tools for linux, but am not sure of them as could insert other spy trojans. can someone please advise or help on best solution to get this crackers twat tool off linux.

many thanks

ps... am also worried about my firewall for allowing this thing in. any good firewalls anti virus visual style.....
 
Old 03-14-2004, 10:33 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Subseven is a Windows trojan/backdoor and should not work on linux. Try doing:

lsof -i

or if you don't have lsof, try:

netstat -pantu
 
Old 03-16-2004, 08:55 AM   #3
saag
LQ Newbie
 
Registered: Mar 2004
Location: thailand
Distribution: red 8
Posts: 15

Original Poster
Rep: Reputation: 0
Have now resolved issues that appeared on firewall.
Have also downloaded logcheck and portsentry to control or make syslog checks for any future actions brought on by newbie thoughts

Thanks for your post.
 
Old 03-16-2004, 09:06 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
You should definitely take a look at tripwire and chkrootkit as well.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
opening ports I think jleipert Linux - Security 7 09-04-2005 09:14 AM
Opening ports lunke Linux - Security 10 06-07-2005 03:04 AM
Opening ports for games. fipeso Linux - Security 2 05-02-2005 01:39 PM
Ports still not opening! Help? spam4scott Linux - Networking 1 05-28-2004 12:48 AM
Opening Ports george3k Linux - Newbie 7 02-16-2003 01:59 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:56 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration