Results 1 to 3 of 3

Thread: Honeypot pickup... port 41170 BlubsterCV

  1. #1

    Honeypot pickup... port 41170 BlubsterCV

    I was checking my firewall logs, and found a ton of attempted connections from port 41170. I ran Netcat to receive those connections, and here is the result:
    ÉÜ âë ÿÿÿÿ  1SF  ŽSK  MNC  CNBlubsterCV2.5.0VLT3q_ å× ÿÿÿÿ  1SF  ŽSK  MNC  CNBlubsterCV2.5.0VLT3¡Ð æ² ÿÿÿÿ  1SF  ŽSK  MNC  CNBlubsterCV2.5.0VLT3
    I checked out BlubsterCV, then blubster, and it turns out blubster is a p2p program.

    This thread says the p2p program has horrible programming,
    It's harmful - While the technical details are boring, Blubster and Piolet are effectively overloading our local network due to its inefficient and almost malicious programming. The file sharing application has proven to be very nasty to networks if left unchecked. During a 10 minute interval, we are seeing a few Blubster\Piolet users create more traffic on our local network than the rest of the campus produced during a similar 10 minute interval last year. Since this software has become popular, you might have noticed how the network responsiveness slowly degraded.
    We will disconnect - We are requesting all students completely uninstall the Blubster software. Students using Blubster\Piolet will be notified and asked to uninstall. Students failing to respond to the request will be disconnected until they contact the HelpDesk.
    This sounds like adware, but I was wondering why Blubster would have to send me packets constantly for it to work? Is is an adware worm, or do people actually use this like kazaa?

    This google shows that their are removal tools available, so this confuses me. Is blubster a worm, adware, or just a suckass p2p program with horrible programming? It makes a ton of traffic.

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002

    Hmmm..... many years ago, in a previous life BLUB stood for Big, Lazy, Useless, Bastige.... or words to that effect....

    Now who would use a proggie named something like that???? Never mind....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Join Date
    Aug 2001
    Blubster is just another P2P-proggy:
    The way Blubster works is to use basic peer-to-peer structured software without a central server, running a private UDP transport protocol: The MP2P Protocol. This system allows a user’s identity to remain private, which makes all the file-sharing process completely anonymous. Over 2 Years after its inception, MP2P has proven itself as a super-scalable and ultra-fast network.
    The "M" in MP2P stands for Manolito, and the network is pretty similar to Fastrack (the technology used by KaZaA). If I'm correct, it's only used for MP3.

    Here's a (small) description of the network protocol...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts