April 28th, 2004, 09:34 PM
#1
Millenium Backdoor?
I'm scanning a website IP for potential vulnerabilities (I'm admin to that website). I noticed 33 open ports, but most of them are ports being used by legit programs, including SSH and FTP. One thing that smells fishy though is port 20000 and port 20001. It's telling me port 20000 is being used by Millenium and 20001 is being used by Millenium backdoor. I clicked on it for more detail and this is what it gives:
20001 : Millennium backdoor
Port type TCP
TCP Protocols HTTP
Version HTTP/1.1
Server Indy/9.00.10
Redirect detected Yes
What do I make of that information? Is it telling me that it's connected to a server and communicating with it?
Also, a little more research on Millenium Backdoor results in this:
Name: Millenium
Aliases: BackDoor-L.srv, BackDoor-L.vli, Backdoor.Millenium,
Ports: 20000, 20001 (ports can not be changed)
Files: Milleniumtrojan.zip - 84,250 bytes Millenium2.zip - Client.exe - 164,352 bytes Client.exe - 198,144 bytes Server.exe - Spy.exe - 48,128 bytes Blonde.exe - Reg66.exe - Comctl32.ocx - 604,432 bytes Icqupdate.exe - 54,272 bytes Hool.exe -
Created: Nov 1998
Requires:
Actions: Remote Access / Keylogger. Alters Win.ini. Has been disguised as a Y2K system updater.
Versions: 0.9, 1.0, 2.0 beta,
Registers: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\
Notes: Works on Windows 95, 98 and NT. Spy.exe is said to be infected with the malicious virus Win.CIH from Taiwan.
Country:
Language: Written in Visual Basic.
Is it vital for me to contact the hosting company ASAP? It also shows 21 Vulnerabilities which I'll be contacting them on (RPCs and Buffer Overflows for Apache, and OpenSSH). Any help would be greatly appreciated. One more thing, as I continue getting more and more involved with Network Security and Forensics, I try to learn as much as possible. I can figure out ways to find the vulnerabilities on the targets, but how do you exploit them? Don't answer it here, if you want to help, please PM me instead.
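The detail fields in the scan result above (protocol, version, Server header, redirect) correspond to what an HTTP response on that port carries. As an added example, not part of the original post, this Python check lets an administrator read those fields directly from their own host; `describe_http_service`, the local sample server and its `/login` redirect target are constructed for illustration, and only the `Indy/9.00.10` banner is taken from the post.

```python
import http.client
import http.server
import threading

def describe_http_service(host, port, timeout=5.0):
    """Send one HEAD request and return the fields a scanner's detail view shows."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("HEAD", "/")
        resp = conn.getresponse()
        return {
            "port": port,
            "protocol": "HTTP",
            "version": "HTTP/1.1" if resp.version == 11 else "HTTP/1.0",
            "server": resp.getheader("Server"),        # e.g. the Indy banner
            "redirect": 300 <= resp.status < 400,      # "Redirect detected"
            "location": resp.getheader("Location"),    # where it redirects to
        }
    except (OSError, http.client.HTTPException):
        return {"port": port, "protocol": None}  # closed, filtered, or not HTTP
    finally:
        conn.close()

class _SampleHandler(http.server.BaseHTTPRequestHandler):
    """Constructed stand-in that answers like the service in the post."""
    protocol_version = "HTTP/1.1"
    def version_string(self):
        return "Indy/9.00.10"  # banner copied from the scan output
    def do_HEAD(self):
        self.send_response(302)
        self.send_header("Location", "/login")  # constructed target
        self.send_header("Content-Length", "0")
        self.end_headers()
    def log_message(self, *args):
        pass  # keep the demo quiet

def run_demo():
    # Bind to an ephemeral loopback port so the demo runs offline.
    srv = http.server.HTTPServer(("127.0.0.1", 0), _SampleHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    try:
        return describe_http_service("127.0.0.1", srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()

if __name__ == "__main__":
    print(run_demo())
```

Run against the real host, the `server` and `location` values identify which application is answering on the port, which can then be matched to an installed program and its owning process on the server.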