Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 360.cn Website

From: Kevin Halgren <kevin.halgren () WASHBURN EDU>
Date: Tue, 27 Nov 2012 14:56:33 -0600
That's a tough call for various reasons. It's most likely from Chinese nationals who are using the free 360.cn antivirus software on their computers. That software seems quite popular but is of questionable value from a protection perspective and there is speculation it provides a backdoor for Chinese government monitoring of individuals and a bridgehead into remote network for malicious activity on the part of the Chinese government or independent agents.
Like so many things China-related, it's at least semi-legitimate but not something I'd ever trust personally. 

See here for more:
http://research.zscaler.com/2011/05/is-360cn-evil.html

Kevin

On 11/19/2012 2:13 PM, Tatum, Jeff wrote:
Does anyone know if the 360.cn website, or associated software is legitimate antivirus and antimalware?
I've noticed some odd traffic heading to qurl.f.360.cn on port 53. They're not DNS queries, but seems to be a large payload of encoded data. 

*Jeff Tatum*

Network Admin III, Office of Information Technology

Communications: Network Services

The University of Tennessee

103D6 Kingston Pike Building

2309 Kingston Pike

Knoxville, TN  37996

Phone: 865-974-7424

Attachment: kevin_halgren.vcf
Description:

Previous By Date Next
Previous By Thread Next

Current thread: