Security Incidents mailing list archives

Re: Increased Kuang2 activity

From: "Kurt Seifried" <kurt () seifried org>
Date: Mon, 10 Feb 2003 17:04:12 -0800

Every single host (with one exception) that has scanned my host(s) that is
currently up and responding has a wide variety of ports open (typically MS
related ports, or 110, 80 and other common server ports with well known
vulnerabilities). These include sun Cobalt Raq systems (infamous for poor
security), Windows (several running kazaa, not sure if this is part of the
infection, cause of infection, or totally unrelated), and the like. Nothing
really surprising.


Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Increased Kuang2 activity Jason Dixon (Feb 10)
- Re: Increased Kuang2 activity Johannes Ullrich (Feb 10)
- <Possible follow-ups>
- RE: Increased Kuang2 activity Logan F.D. Greenlee (Feb 10)
  - RE: Increased Kuang2 activity Jason Dixon (Feb 10)
  - RE: Increased Kuang2 activity Rev. Kronovohr (Feb 10)
- RE: Increased Kuang2 activity Jennifer Fountain (Feb 10)
- RE: Increased Kuang2 activity davec (Feb 10)
- RE: Increased Kuang2 activity Logan F.D. Greenlee (Feb 10)
  - RE: Increased Kuang2 activity James C Slora Jr (Feb 10)
    - Re: Increased Kuang2 activity Kurt Seifried (Feb 10)
- RE: Increased Kuang2 activity Baklarz, Ron (Feb 10)
- RE: Increased Kuang2 activity James C Slora Jr (Feb 10)
- RE: Increased Kuang2 activity Thierry Zoller (Feb 10)