The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

rkhunter, TCP port 1524, false positive?

Discussion in 'Security' started by m0rgulvale, Feb 13, 2010.

  1. m0rgulvale

    m0rgulvale Member

    Joined:
    Sep 18, 2009
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    hi, rkhunter shows the following results on one of my systems:


    [22:15:59] Checking for TCP port 1524 [ Warning ]
    [22:15:59] Warning: Network TCP port 1524 is being used by /usr/local/apache/bin/httpd. Possible rootkit: Possible FreeBSD (FBRK) Rootkit backdoor


    the log also says:

    FreeBSD Rootkit [ Not found ]




    Additionally, I ran rkhunter a second time.... and this time it didn't show the port 1524 message



    is this a false positive related to cpanel?
     
    #1 m0rgulvale, Feb 13, 2010
    Last edited: Feb 13, 2010
Loading...

Share This Page