GEN:SID 1:1843
Message BACKDOOR trinity connection attempt
Summary This event is generated when  an attacker attempts to connect to a
Trinity DDoS Trojan server.
Impact Possible Distributed Denial of Service and control of the victim host.
Detailed Information This Trojan affects UNIX operating systems:

Trinity is used as a Distributed Denial of Service (DDoS) agent and can
launch DDoS attacks from a large number of hosts against a target.

Due to the nature of this Trojan it is unlikely that the attacker's
client IP address has been spoofed.
Affected Systems  
Attack Scenarios This Trojan may be delivered to the target in a number of ways. This
event is indicative of an existing infection being activated. Initial
compromise may be due to the exploitation of another vulnerability.
Ease of Attack This is Trojan activity, the target machine may already be compromised.
Corrective Action Delete the Trojan and kill any associated processes.

Restore the system from known good backups.
Additional References  
Rule References cve: 2000-0138
nessus: 10501