Be Aware - For people who use Kazaa and similar
Discussion
I don't for the reasons outlined in this brief report.
"TruSecure, a Herndon, VA security firm, recently downloaded
nearly 5,000 files using the popular Kazaa file-sharing
network. They found that 45 percent of the executable files
contained malicious code (viruses and Trojan horses.) These
programs caused one or more of the following problems:
- Infected every file in the recipient's download
directory with a virus
- Stole Instant Messenger passwords
- Installed a spam generator
- Took remote control of the targeted computer and
uploaded personal data
The attacks were accomplished either by:
1. the person hosting the shared file embedding the
malicious code on purpose.
2. a peer-to-peer worm scouring the Kazaa network and
loading itself into download directories.
3. contagious contact with the infected file-share
directory of a prior victim.
Some three million users are logged into Kazaa at any one
time, says TruSecure. This makes Kazaa highly attractive as
a channel for malware distribution. Most malware consists
of malicious code embedded in executable program files
(those having an .exe extension).
The purpose of most malware is to bypass or break the
copyright protections built into commercial software
products. Music, picture, and movie files generally are not
infected since they are not executable. Many users are
lured into downloading executable programs that appear to be
music or movie files, but contain a double extension, such
as .wav.exe (for music) or.jpg.exe (for images).
Nearly 90 percent of the malicious code found on Kazaa can
be stopped by antivirus software. The viruses that cannot
be stopped are either too new to be detected or are designed
to shut down antivirus programs and firewalls."
"TruSecure, a Herndon, VA security firm, recently downloaded
nearly 5,000 files using the popular Kazaa file-sharing
network. They found that 45 percent of the executable files
contained malicious code (viruses and Trojan horses.) These
programs caused one or more of the following problems:
- Infected every file in the recipient's download
directory with a virus
- Stole Instant Messenger passwords
- Installed a spam generator
- Took remote control of the targeted computer and
uploaded personal data
The attacks were accomplished either by:
1. the person hosting the shared file embedding the
malicious code on purpose.
2. a peer-to-peer worm scouring the Kazaa network and
loading itself into download directories.
3. contagious contact with the infected file-share
directory of a prior victim.
Some three million users are logged into Kazaa at any one
time, says TruSecure. This makes Kazaa highly attractive as
a channel for malware distribution. Most malware consists
of malicious code embedded in executable program files
(those having an .exe extension).
The purpose of most malware is to bypass or break the
copyright protections built into commercial software
products. Music, picture, and movie files generally are not
infected since they are not executable. Many users are
lured into downloading executable programs that appear to be
music or movie files, but contain a double extension, such
as .wav.exe (for music) or.jpg.exe (for images).
Nearly 90 percent of the malicious code found on Kazaa can
be stopped by antivirus software. The viruses that cannot
be stopped are either too new to be detected or are designed
to shut down antivirus programs and firewalls."
That's sort of understandable but, as with all these things, people can do a certain amount to protect themselves.
Firstly, a good virus checker is always the obvious choice. However this doesn't protect you from Trojan Horse style applications - for example, anyone can write an application that does something nasty, named it "msword.exe" and ask you to run it - you do so, that's your own fault.
The best thing I find with Bearshare (my chosen Gnutella client) is to ensure that anything I am downloading from is spread over quite a few peers on the gnutella network - it's then safe(ish) to assume that all the peers have had no problems with the file and there's less chance it's malicious. Ofcourse this is still no guarantee - but if you see a single file being shared by a single user it's more likely he or she has something bad on offer.
As has been said, you can forget worrying about mpegs, avis, mp3s and picture though, if that's your bag.
Cheers,
Dan
Firstly, a good virus checker is always the obvious choice. However this doesn't protect you from Trojan Horse style applications - for example, anyone can write an application that does something nasty, named it "msword.exe" and ask you to run it - you do so, that's your own fault.
The best thing I find with Bearshare (my chosen Gnutella client) is to ensure that anything I am downloading from is spread over quite a few peers on the gnutella network - it's then safe(ish) to assume that all the peers have had no problems with the file and there's less chance it's malicious. Ofcourse this is still no guarantee - but if you see a single file being shared by a single user it's more likely he or she has something bad on offer.
As has been said, you can forget worrying about mpegs, avis, mp3s and picture though, if that's your bag.
Cheers,
Dan
HarryW said:
Does that apply to Kazza-Lite as well, as my teenagers assure me its safe .
Harry
Kazaa-Lite has exactly the same files on it as Kazaa (or did until recently anyway...) It doesn't contain the spyware that Kazaa has, but your chances of downloading a virus in an exe or some sort of archive are the same. If you just download mp3s and movies you'll probably be ok.
In this day and age its probably a good idea to at least use a personal firewall and virus software with up to date definitions anyway.
d-man said:
Does that apply to Kazza-Lite as well, as my teenagers assure me its safe
Harry
Kazaa-Lite has exactly the same files on it as Kazaa (or did until recently anyway...) It doesn't contain the spyware that Kazaa has, but your chances of downloading a virus in an exe or some sort of archive are the same. If you just download mp3s and movies you'll probably be ok.
In this day and age its probably a good idea to at least use a personal firewall and virus software with up to date definitions anyway.
Yep have AV and firewall and run spybot/adaware a couple of times a week so all should be well then. They tell me they are not stupid enough to download any exe files anyway
. Harry
I've used Kazaa lite and winmx before. Music and video is usually fine. I contracted a virus when downloading some software before, and i had some funny pop-up come on when i was on winmx the other week. Doesn't using a file-sharing network render your firewall useless, because you have to open up the port to download the content?
g4ry13 said:
Doesn't using a file-sharing network render your firewall useless, because you have to open up the port to download the content?
I wouldn't go as far as saying renering it useless, no. I mean, if a virus somehow gets inside (ie. your side of the firewall) then opens up the same port as your file-sharing software uses (hence allowing some nasty people in to do whatever they like), then yes, but it's hardly the fault of the firewall OR the file-sharing software...
As it stands, all people can access through your firewall is the application on the other end of that port - in this case, Kazaa/Gnutella/etc. - and in standard fettle that's not going to let people do anything dangerous...
well, i have a new shuttle pc, and have just got broadband installed where i am. have been running pc for last month and has been fine. hook up to the internet, update virus etc and before i even install kazaa etc, been hit with new virus, by updating though windows. bloody pc's. good thing i use my mac laptop wirelessly for everything and pc is just media server.
jodypress said:
well, i have a new shuttle pc, and have just got broadband installed where i am. have been running pc for last month and has been fine. hook up to the internet, update virus etc and before i even install kazaa etc, been hit with new virus, by updating though windows. bloody pc's. good thing i use my mac laptop wirelessly for everything and pc is just media server.
How'd you get a virus if you have updated AV and use windows update site then
. I've heard of some updates that make windoz run slower/worse but not one that infects it with a virus before.
I assume the update was via the 'official' windows update site and not one of these dodgy email link ones
. Harry
harry
HarryW said:I've come across this before, basically, you shouldn't connect a PC to broadband unless you have the latest patches, a firewall, and updated Antivirus on it. But how do you get all those unless you get connected to the internet. Some people are just unfortunate and their machines are compromised whilst they are doing this.
How'd you get a virus if you have updated AV and use windows update site then
HarryW said:
HarryW said:
Does that apply to Kazza-Lite as well, as my teenagers assure me its safe
Harry
Kazaa-Lite has exactly the same files on it as Kazaa (or did until recently anyway...) It doesn't contain the spyware that Kazaa has, but your chances of downloading a virus in an exe or some sort of archive are the same. If you just download mp3s and movies you'll probably be ok.
In this day and age its probably a good idea to at least use a personal firewall and virus software with up to date definitions anyway.
Yep have AV and firewall and run spybot/adaware a couple of times a week so all should be well then. They tell me they are not stupid enough to download any exe files anyway
Harry
Teens? Are they Boys? They will be downloading jpegs and movie files probably
or are they Girls? that use kazaa? I am not sure if they exist
hedders said:
d-man said:
HarryW said:
Does that apply to Kazza-Lite as well, as my teenagers assure me its safe
Harry
Kazaa-Lite has exactly the same files on it as Kazaa (or did until recently anyway...) It doesn't contain the spyware that Kazaa has, but your chances of downloading a virus in an exe or some sort of archive are the same. If you just download mp3s and movies you'll probably be ok.
In this day and age its probably a good idea to at least use a personal firewall and virus software with up to date definitions anyway.
Yep have AV and firewall and run spybot/adaware a couple of times a week so all should be well then. They tell me they are not stupid enough to download any exe files anyway
Harry
Teens? Are they Boys? They will be downloading jpegs and movie files probably
or are they Girls? that use kazaa? I am not sure if they exist
movie files? what movie files would a teenage lad possibly want to download?
mrflibbles said:
HarryW said:
d-man said:
HarryW said:
Does that apply to Kazza-Lite as well, as my teenagers assure me its safe
Harry
Kazaa-Lite has exactly the same files on it as Kazaa (or did until recently anyway...) It doesn't contain the spyware that Kazaa has, but your chances of downloading a virus in an exe or some sort of archive are the same. If you just download mp3s and movies you'll probably be ok.
In this day and age its probably a good idea to at least use a personal firewall and virus software with up to date definitions anyway.
Yep have AV and firewall and run spybot/adaware a couple of times a week so all should be well then. They tell me they are not stupid enough to download any exe files anyway
Harry
Teens? Are they Boys? They will be downloading jpegs and movie files probably
or are they Girls? that use kazaa? I am not sure if they exist
movie files? what movie files would a teenage lad possibly want to download?
One handed ones just like the rest of us.
Yes P2P networks have gotten worse in terms of becoming a new target for malicious software creators. It's a very easily exploitable platform since everyone is downloading something that can be easily misleading, it makes it a preferable format to email or popups.
Also since most networks have a policy of not monitoring what is transferred on their network for copyright issues, it's basically so they can say "we can't control what people are doing" and it's down to the individual what they use the application for, it makes for a very clogged network.
From what I know, the RIAA are not creating virii and malicious software to be distributed on their boxes. All they're doing is filling the network with distorted and broken MP3s to make it harder for people to find the music they're after.
Other people started with all the virii, adware and other junk. The networks are all unsafe, since they can't properly filter what is being spread. But that doesn't mean your PC has to be unsafe:
Decent upto date antivirus
Good firewall that keeps control of incoming and outgoing traffic
Adware remover software, because some find some new ways to get in, run it once a week and you're ok
Common sense
Personally I prefer not to use P2P networks anymore, Itunes and similar are all pretty first rate and the charge is nominal really. The one handed movies......well there's always the pay for stuff
On a personal note I strongly dislike the P2P networks and what they stand for in most cases. The analogy for me is a nightclub, if you owned a nightclub and someone is dealing drugs in it, no matter if you have nothing to do with it, it is your responsibility and you can face heavy penalties. It seems a bit rich that these companies can spring up, build a network, go through a drawn out legal process then fold. In trtuh most of them have a simple business plan:
Launch a platform and get some good servers under your control with recent content (latest movie or something)
Watch everyone come to your network and establish it as a front runner
Add a load of money making stuff into your application, adware, popups, etc. The common masses will download it anyway since they can get their stuff from your network and not know any better.
During this time face a legal battle that you know you'll eventually lose, keep coming up with excuses and stalling tactics.
Wait till you're shut down and hope you've accumulated enough money to pay any lawsuits and then see what's left for your profit.
It may seem good for the consumer, something for nothing. But being a copyright owner is pisses me off something mental since people are getting stuff that cost me money to produce, and they're not paying me anything for this. True alot of the people downloading my stuff wouldn't have paid for it anyway, but it's that they have no right to view something they haven't paid for. Then there's the issue of the loudmouth ****s that run the networks that just love seeing their name in the media and think they have some kind of leverage in important circles. Had to laugh at the guardian ranking Sharman Networks CEO in the top 100 most important people in the media.........what can they exactly do?
[/rant over]
Also since most networks have a policy of not monitoring what is transferred on their network for copyright issues, it's basically so they can say "we can't control what people are doing" and it's down to the individual what they use the application for, it makes for a very clogged network.
From what I know, the RIAA are not creating virii and malicious software to be distributed on their boxes. All they're doing is filling the network with distorted and broken MP3s to make it harder for people to find the music they're after.
Other people started with all the virii, adware and other junk. The networks are all unsafe, since they can't properly filter what is being spread. But that doesn't mean your PC has to be unsafe:
Decent upto date antivirus
Good firewall that keeps control of incoming and outgoing traffic
Adware remover software, because some find some new ways to get in, run it once a week and you're ok
Common sense
Personally I prefer not to use P2P networks anymore, Itunes and similar are all pretty first rate and the charge is nominal really. The one handed movies......well there's always the pay for stuff
On a personal note I strongly dislike the P2P networks and what they stand for in most cases. The analogy for me is a nightclub, if you owned a nightclub and someone is dealing drugs in it, no matter if you have nothing to do with it, it is your responsibility and you can face heavy penalties. It seems a bit rich that these companies can spring up, build a network, go through a drawn out legal process then fold. In trtuh most of them have a simple business plan:
Launch a platform and get some good servers under your control with recent content (latest movie or something)
Watch everyone come to your network and establish it as a front runner
Add a load of money making stuff into your application, adware, popups, etc. The common masses will download it anyway since they can get their stuff from your network and not know any better.
During this time face a legal battle that you know you'll eventually lose, keep coming up with excuses and stalling tactics.
Wait till you're shut down and hope you've accumulated enough money to pay any lawsuits and then see what's left for your profit.
It may seem good for the consumer, something for nothing. But being a copyright owner is pisses me off something mental since people are getting stuff that cost me money to produce, and they're not paying me anything for this. True alot of the people downloading my stuff wouldn't have paid for it anyway, but it's that they have no right to view something they haven't paid for. Then there's the issue of the loudmouth ****s that run the networks that just love seeing their name in the media and think they have some kind of leverage in important circles. Had to laugh at the guardian ranking Sharman Networks CEO in the top 100 most important people in the media.........what can they exactly do?
[/rant over]
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff