Bugtraq mailing list archives
Re: BUGTRAQ Digest - 20 Apr 1999 to 21 Apr 1999 (#1999-92)
From: eric.iversen () BATES NO (Iversen, Eric)
Date: Thu, 22 Apr 1999 11:40:54 +0100
Hi, I also discovered this some months ago in a similar program named NetVampire. I contacted the publisher, who stated that the included ADVERT.DLL provides banner advertising inside the application. This DLL apparently uses port 1975 for its communication with the server. With port 1975 closed, the banner adverts inside these applications are not updated. This DLL is made by -surprise - Aureate Media, http://www.aureate.com, the makers og GO!Zilla Regards
Eric V. Iversen, Systems Engineer, IT dept, Bates-gruppen as Tel. +47 22 87 96 19 - Fax +47 22 87 97 70 Hoffsveien 1 - PO Box 484 Skøyen - N-0212 Oslo, Norway E-mail address book: http://www.bates.no/contacts/greenpages.asp "There is no reason for any individual to have a computer in their home." -Ken Olson, President, Digital Equipment, 1977
-----Original Message----- From: GossiTheDog [mailto:gossi () EIDOSNET CO UK] Sent: Tuesday, April 20, 1999 10:35 PM Subject: Go!Zilla, possible trojan I'm a little concerned about a program called Go!Zilla (a Windows 9x Internet download manager) - basically upon detecting network connections it appears to send about 2-4k of data to a remote machine on port 1975. There appears to be no reference to this made in the documentation, and I'm a little concerned about what it is actually sending to the server (and also what is being logged at the server end). Anybody want to pull Go!Zilla apart or run a network sniffer and see what it's doing? I might just be jumping to conclusions, but with what happened with ProMail I don't think we can afford to have another trojan available on all the big download sites... Regards, ----------------------------------------------------- [Name] GossiTheDog [Email] gossi () eidosnet co uk [Telephone] (+44) 0702 09 353 08 [Web Site] http://www.spleen.ukgateway.net [PGP Key] http://www.spleen.ukgateway.net/gossi.asc -----------------------------------------------------
Current thread:
- Re: BUGTRAQ Digest - 20 Apr 1999 to 21 Apr 1999 (#1999-92) Iversen, Eric (Apr 22)