Printable View
A coworker has just informed me that Kazaa is a very vulnerable program to have running on a PC. I know that it has port 1214 open so I suppose it's a service... and like any other service it could be vulnerable. Does anyone know of any vulnerabilities or instances of attack?
:brickwall :brickwall
Your Co-Worker obviously knows nothing about KaZaa.....you should suggest to him or her that they try using Google to check their information before spreading vicious rumors.
Well, The fact that people are downloading files, when they arent 100% sure of what the files really are makes the user's computer pretty vulnerable to viruses/malware etc.... wouldnt you say?
LOL kazaa was vulnerable is vulnerable and probably will stay vulnerable...it is a very easy way to get trojans into someones PCU if they dont have a AV...i suggest you use DC++
try it its great...for me a lot better than kazaa
peace
/scriptkiddie18
Kazaa also installas lot of Spyware on your computer, that why people use Kazaa Lite K++. But i heard kazaa doesn't work anymore. I dont know where i heard that.
Script Kiddie What is a PCU ??
Kazaa Lite was shut down by Kazaa....Quote:
Originally posted here by MemorY
Kazaa also installas lot of Spyware on your computer, that why people use Kazaa Lite K++. But i heard kazaa doesn't work anymore. I dont know where i heard that.
Script Kiddie What is a PCU ??
-> http://www.zeropaid.com/bbs/showthread.php?t=16805
I just downloaded it.
http://www.k-lite.tk/ is now owned by KAzaa..... That was the main site for download...
The software stillw orks though.Quote:
Kazaa Lite was shut down by Kazaa....
First off Seven, I'd get an idea of how P2P networks work
http://computer.howstuffworks.com/file-sharing.htm
Then, I'd research some of the variations
http://www.zeropaid.com
After that, the only thing I would suggest is Googling for exploits on whatever P2P you wind up using in the long run.
There are always going to exploits in any network where you connect directly to someone else's computer. You just have to keep up on any articles/news that you can find.
As for Kazaa, I know it had some issues with worms and virii being spread through the network some time ago but I haven't heard much about the newer versions, like Kazaa Lite.
Well, that's my input. Good Luck Seven.
Only A careless User can make Kazza Vulnerable, So,
all programes are Vulnerable if abuse is accuored ,,,,,,
This
with thisQuote:
if abuse is accuored
:rofl: Could somebody please help me out...I have no idea what that word is..acquired maybe?Quote:
tHE EnemY Is IgnorancE
Actually I have just found a DOS and an identity spoofing exploit for Kazaa... does anyone know of any others?
Kazza lite I hear has little to no problems - But as far as Kazaa which you asked about, there are still constantly new viruses being created and spread over it. Here is a blurb from Panda AntiVirus about one of the newer ones to hit Kazaa and information about how it affects Kazaa:
RRPQuote:
The second malicious code, Duster.B, is a virus with the characteristics of a worm that spreads through the P2P file sharing program KaZaA and across network shares. It does this following the routines below:
- Through KaZaA
Duster.B looks for the default shared folder of this file sharing program. If this folder is not shared, it modifies an entry in the Windows Registry in order to share it. Then, it infects all the PE files it finds in the shared folder by adding its code to the beginning of them. When other users access these files remotely, they will download the files infected by Duster.B, thinking that they are useful computer programs, images, etc. However, when they run the downloaded file, their computers will also be infected by Duster.B.
- Across network shares.
Duster.B checks if the infected computer belongs to a network and if it is, it tries to copy the file DUST.EXE to all the network computers and creates a file called AUTOEXEC.BAT on each one. The aim of this file is to run the virus every time the computer is started.
Duster.B connects to the IP address 208.178.231.190, which belongs to an IRC server, through port 6667. After it has done this, it waits for control commands like download and run files.
The last 8 times i tried to download from kazaa lite, norton's AV stopped the download.
Im guessing there are many ways Kazaa can be used by script kiddies for whatever damage wthey want to inflict, basically if you choose to take part in what is the sharing of files from people you dont know then you are taking risks.
When I used Kazaa Lite I never once got a virus, its not as rampant I dont think as people make out but its not the most secure of programs and thats for sure.
Hey,
Anyone looking for Kazaa Lite can find it at http://www.oldversion.com/ :)
You can also get K-lite 2.4.3 here. It is the newest version and has all the latest updates.
I personally stopped using KaZaa long time ago and have been using mIRC to do all my file sharing. I usually downloaded full movies in about 3 hours. :wow: The download time is actually dependant on the connection you have with the other person. 2 people using Broadband can share files quite quickly. BTW I can download a 4 minute mp3 in 2m20sec. Entire music CD's in about 15-25 minutes. I am not saying KaZaa is bad at all, continue enjoying your downloads, I know I am. :D
well first off, we can all agree that P2P HAS the potential to be dangerous considering ur not hidding behind a secured server. the only thing thats keeping between u and whats potentially a "dangerous" connection is whatever u got on ur system.
Kazaa, considering its natuyre to be p2p do give impressions it is unsafe. but like i said, when it comes to p2p, it all comes down to what u have (but then that rule also works for ANY connection, may it be Clinet/Server). using kazzaa, u must be understand that u have a direct connection with the OTHER user. and whatever he gives u, which may look like harmless, can be potentially dangerous. mIRC file sharing is also p2p tho lots of ppl do it.
My point here is, Kazza is dangerous as it is dangerous to go out of ur home and into the streets. u just have to be prepared coz alot can happen. maybe the file that was sent to u wasnt what u expected, or maybe someone exploited ur p2p connection with them or maybe kazzaa apps are vulnerable to a dangerous p2p worm/virus.
Client/Server connection these days are not even very secure but it has the advantage of being connected to only 1 system u all know and trust.
i suggest u arm urself wid an AV and a decent firewall. thats a good start. for kazaa's spywares, there are some softwares out there that will kill/block them. and it pays off visitn news and security sites from time to time to keep urself informed. AO is a good place tho i can also recommend some OTHER sites but i dunno if its allowed here since AO changed management. it used to be under AOer's hands but not anymore. but thats just a diff topic all in all.
hey! kazaa lite works!though i also have had a couple of trojans from it!now a days i use just 2 download text and pdf files!
Ah, I know that Kazaa make your computer vulnerable in many ways whether it's the actual program or maybe that you never know what virus is attatched to what file. If you are going to use Kazaa you better have an AntiVirus Software. Also the spyware.... geez... www.realphx.com/remove.htm if you scroll down to the bottom of the screen and download the FIX.EXE (CLICKING HERE) link it's a program called Hijack which scans your registry for unwanted entrys such as spyware.... be careful not to remove anything you'll need. Happy Downloading and merry christmas. I'll stick with IRC and FTP.
peâC3
I personally wouldn't say that Kazaa is vulnerable... Maybe it's because you dunno what you are truly downloading. But that's what you have an antivirus program right? Sometimes it might screw up your computer. Did to my friends.. but what do I know? lol
For those of you that gave me negative points for above post.....Neg me for being a smart ass if you must, but please note the sarcasm in what I've said about google for info.....and stop giving me neg points for not knowing KaZaa is vulnerable.....I'm well aware of the fact.Quote:
Your Co-Worker obviously knows nothing about KaZaa.....you should suggest to him or her that they try using Google to check their information before spreading vicious rumors.
there is aworm that is spreading via kazza .check out symantec site for details...
Besides the ethical reasons of running a P2P network - there are at least three known vulnerabilities for Kazaa:
There is a known denial of service associated with the adds that Kazaa serves
There is a buffer overflow vulnerability that can result in both Denial of Service and execution of arbitrary code
And in some versions of Kazaa - ads are executed in the MSIE local zone - which could allow the execution of arbitrary code
So - stating that Kazaa is not vulnerable would be incorrect . . .