The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

rkhunter, TCP port 1524, false positive?

Discussion in 'Security' started by m0rgulvale, Feb 13, 2010.

  1. m0rgulvale

    m0rgulvale Member

    Sep 18, 2009
    Likes Received:
    Trophy Points:
    hi, rkhunter shows the following results on one of my systems:

    [22:15:59] Checking for TCP port 1524 [ Warning ]
    [22:15:59] Warning: Network TCP port 1524 is being used by /usr/local/apache/bin/httpd. Possible rootkit: Possible FreeBSD (FBRK) Rootkit backdoor

    the log also says:

    FreeBSD Rootkit [ Not found ]

    Additionally, I ran rkhunter a second time.... and this time it didn't show the port 1524 message

    is this a false positive related to cpanel?
    #1 m0rgulvale, Feb 13, 2010
    Last edited: Feb 13, 2010

Share This Page