Well, I wouldn't like it, especially given your aMule situation. It was supposedly an attempt to close a port opened by the Linux.lion.worm and wasn't considered harmful when first released years ago. I'd try to find and remove:
Take a look at your /etc/inetd.conf to see if it's been modified too. You sound like you're aware of it, so I may not be telling you anything you don't already know.
I'd also emerge and run rkhunter, just cuz it's a good idea.
- Code: Select all
emerge -v rkhunter
Run that regularly if you don't already. I've never had a problem with the cheese.worm myself, and am basically trying to remember the discussions and solutions I heard. Maybe someone else actually had to deal with it and can offer more information. Good-luck!