Hillstone Networks

'; echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "www.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "www.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "www.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "www.hp-telecom.com") { echo ''; echo 'hp-telecom'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

TCP Attack (Attack ID：700106)

Release Date：2009-09-27

Attack Name：X2a runtime detection - init connection

OS Type：Window

Application Type：

Severity：Critical

BUG ID：

CVE ID：

Description：

Trojan horse programs can be used by an attacker to steal data from the infected machine, they can also be used to control the infected host. This event indicates that activity relating to the trojan horse program x2a has been detected in network traffic.

Impact:
Possible theft of data and control of the targeted machine leading to a compromise of all resources the machine is connected to.

Affected Systems:
Microsoft Windows systems

Additional References:
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453084136

Solution：

Updated virus definition files are essential in detecting this Trojan.
Edit the system registry to remove the extra keys or restore a previously known good copy of the registry.
Many trojans may hide the process from viewing in the Windows task manager.
A reboot of the infected machine after cleaning is recommended.