Security Basics
mailing list archives
chkrootkit output question. Follow up #xxx
From: Al <omega0x () yahoo com>
Date: Tue, 02 Sep 2003 22:54:33 -0400
Hello world: 2003, Year of Hope !!!
On Tuesday 02 September 2003 15:33, entmoot () gmx de wrote:
> On Sat Aug 30 08:41PM, Al wrote:
> > Can anyone help me to understand why I got this after running chkrootkit:
> > ...
> > Checking `env'... INFECTED
> > ...
> chkrootkit thinks your /usr/bin/env is infected by a trojan. Check this
> binary against a clean one, e.g. the one on your install CD.
> If chkrootkit is right, you probably got owned.
> greets, andreas
Thank you all for your help, but all I did was just reformat my hard drives
except /home and install my Gentoo from scratch.
I am still scared about my /home if anything was INFECTED.
Hope not !!!
All this happened just after replacing my firewall, a Netgear RT314, with a Linksys
BEFSX41CA.
Doing a "test ports" through grc.com, the result gave me a lot of ports
closed, and most of them are trojan ports.
I replaced the Linksys with my Netgear RT314 after upgrading the firmware.
grc.com gave me a full stealth and all ports are stealth.
I may not have configured the firewall well.
My questions are:
1- If I was "owned by a trojan", which trojan ???
2- How can I make sure that my /home is safe?
3- How can I prevent being a victim again?
Please note that I am just a newbie and I usually go with the easiest
solutions.
Please advise.
Kind Regards,
Al
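
The check suggested in the quoted reply (comparing the flagged binary against a clean copy), as an added example that is not part of the original thread. The function name `compare_tree` and the sample paths are assumptions for illustration, and the demo files are constructed; in practice the clean tree would be mounted install media and the comparison run from trusted boot media.

```shell
#!/bin/sh
# Added example: compare files under a suspect root against a known-clean
# reference tree. A MISMATCH can also mean a different package version,
# so the reference must match the installed release.

# compare_tree SUSPECT_ROOT CLEAN_ROOT REL_PATH...
# Prints one status line per file; returns 0 only if every file is OK.
compare_tree() {
    suspect_root=$1
    clean_root=$2
    shift 2
    rc=0
    for rel in "$@"; do
        s="$suspect_root/$rel"
        c="$clean_root/$rel"
        if [ ! -f "$c" ]; then
            # Nothing trustworthy to compare against: treat as unverified.
            echo "NO-REFERENCE $rel"
            rc=1
        elif [ ! -f "$s" ]; then
            echo "MISSING $rel"
            rc=1
        elif cmp -s "$s" "$c"; then
            echo "OK $rel"
        else
            # Byte-level difference: print both digests for the record.
            s_sum=$(sha256sum "$s" | cut -d' ' -f1)
            c_sum=$(sha256sum "$c" | cut -d' ' -f1)
            echo "MISMATCH $rel suspect=$s_sum clean=$c_sum"
            rc=1
        fi
    done
    return $rc
}

# Constructed demo: two small trees standing in for the live system and
# the install media, with one altered file.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/live/usr/bin" "$demo_dir/clean/usr/bin"
printf 'original env\n' > "$demo_dir/clean/usr/bin/env"
printf 'altered env\n'  > "$demo_dir/live/usr/bin/env"
printf 'original ls\n'  > "$demo_dir/clean/usr/bin/ls"
printf 'original ls\n'  > "$demo_dir/live/usr/bin/ls"
compare_tree "$demo_dir/live" "$demo_dir/clean" usr/bin/env usr/bin/ls \
    || echo "differences found: investigate before trusting this system"
rm -rf "$demo_dir"
```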