Here is some information I found on the trojan: http://www.glocksoft.com/trojan_list/Kuang2_the_virus.htm http://cert.uni-stuttgart.de/archive/intrusions/2002/07/msg00059.html http://www.iss.net/security_center/static/4074.php according to iss, 98/95 are affected. Thank you Jenn Fountain -----Original Message----- From: Logan F.D. Greenlee [mailto:lgreenleeat_private] Sent: Monday, February 10, 2003 11:46 AM To: Jason Dixon; incidentsat_private Subject: RE: Increased Kuang2 activity Does anyone have any information on what the kuang2 trojan does, and what systems are vulnerable? My brief googling has only returned links to the Trojan itself. Thanks, Logan -----Original Message----- From: Jason Dixon [mailto:jasondixonat_private] Sent: Sunday, February 09, 2003 7:01 PM To: incidentsat_private Subject: Increased Kuang2 activity I've noticed a large increase of activity to port 17300 hitting my firewall over the last 3 days, from various sources. Googling relates this port to the kuang2 trojan. Has anyone else seen this? Anything else this might be attributed to? TIA, J. ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 10 2003 - 11:57:33 PST