|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Port 17300 probes?
From: Joris De Donder (joris
digitaldefense.be)
Date: Tue Apr 15 2003 - 13:38:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>if you have any
>information on why this scanning is being seen in an increasing number,
>that would be appreciated (the tool that does the scanning perhaps?)
http://members.lycos.co.uk/ircspybot/
From the readme.txt:
"Date: 08:04:2003
Fixed the kuang spreader
Date: 05:04:2003
Features:
- HTTP server
[...]
- Port scanner
- Syn flooder
- Kuang2 and sub7 spreader
[...]"
Also last year (in august I think) a new client was released for the Kuang
trojan.
From a post on trojanforge.net:
"This new client will allow you to scan for kuang servers and
automatically update the server from a url that you specify. You can
either use the built in scanner or load an external list of ip
addresses."
Joris
----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-incidents
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]