January 3rd, 2003, 03:13 PM
Hello, well this is my first post on this site as I endeavor into the world of network security. I am currently typing this as I sit waiting for a copy of Red Hat Linux 8 to arrive at my door with a nice big book accompanying it. The question I am about to ask came about when some of my friends started using the p2p Gnutella software Kazaa. Now, I know that kazaa is filled with spy/ad ware and suggested that they used bearshare instead. I think I just went a bit off topic there but anyway, what I am interested in is the possible security vulnerabilities that arise from installing such software and how it is possible to combat this. Also can anyone shed some light on the rumor that some versions of the Kazza media desktop are infected with a virus that sits in your boot sector for a random amount of time before rendering your system un-usable?
January 3rd, 2003, 03:29 PM
As with any p2p network where users are exchanging files, you are bound to encounter viruses. Just make sure you have a good up2date antivirus package installed. With that, you will also want to install a firewall. You are going to have direct connections between peoples PCs and it is very easy to find out the ip of a person that is downloading off of you or vice versa.
Make sure you have all of your system updates, patches, etc.
If you are worried about spyware, install kazaa lite .
You can use software like ad-aware or spy bot search and destroy to make sure your system is free of spyware. Remember to update them frequently and run them frequently.
NOTE: Some people accidentially share other folders than just the "shared folder". If I were you, I'd just disable uploads all together, or specify just a few users. Uploads kill your bandwith and your ISP will consider you to be running a server. If you are on broadband, most ISPs consider this a breach of contract and somtimes will kick you off. I haven't had any problems (yet) but I try to keep my uploads to a minimum. I don't have much that others would want anyway...
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
January 3rd, 2003, 03:31 PM
i havent heard that one...you could no doubt get files that are infected with that kind of thing but come with it! no. virus and trojan software should protect you quit well as long as you keep it up dated. i think it would be wise to wait a day or two before attempting to use any file you obtain that way. just in case a new virus or trojan is released. they're usually detected in a day or two and up-dated av signitures are sent out.
bearshare on the other hand is subject to a directory transversal exploit (don't know if thats been fixed)
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
January 3rd, 2003, 10:58 PM
Hum. I want to add here the fact that Kazaa is not a Gnutella client (I have not used those software for a long time now but I think they can't comunicate).
If you want to try Gnutella, this site could help you to chose a better software than Bearshare (I don't know if LimeWire is always the better, but it had been).
Life is boring. Play NetHack... --more--
January 4th, 2003, 01:19 AM
limewire has a serious problem with running on older systems, it seems to use up too much system memory for slower machines to run it. Im not sure if the flaw is with not enough ram, or with windows 95, but no computer at my school(all old) has been able to run limewire. one thing to check into p2p clients, is built in virus detectors. I know kazaa has one built in, but it is turned off as default. i will look into bearshare and limewire to see if they have, and if they do it is a good idea to turn them on. if there is any other major p2p client out there that you have questions about, ask me and i will do my best to find the answer for you.
www.nitesecurity.com (site is down temporarily due to worthless server)
Down with host.sk!!!!
I have found that both limewire and bearshare are devoid of any virus protection or firewalls. according to the information on the limewire website, gnutella does not have any built in virus protection because there is no centralized server, so i believe that all gnutella clients will be virus protection free.
April 27th, 2003, 10:40 AM
You may also want to try shareaza. www.shareaza.com. It connect to multiple Gnutella networks including Bearshare and Limewire. As far as I know it has no adware, but if you use a program like adaware it won't disable the program like it will Kazaa. Kazaa knows when you delete its adware and it will not run. The nasty virus-worm on Kazaa you may of heard of is known a benjamin or W32/Benjamin.worm. Bullguard offers a removal tool if you think you have this virus, but most updated anti-virus programs catch it now too. The problem with this virus is that when it was first introduced alot of anti-virus programs missed it, but now most programs will catch it.