Security Incidents mailing list archives

Re: KazaaLite 2.0.2 Build 1


From: Jimi Thompson <jimit () myrealbox com>
Date: Tue, 3 Jun 2003 22:05:44 -0500

At 7:55 AM -0400 6/2/03, matt wrote:
Platform: win2000 SP3 with full updates/patches.
Program KazaaLite 2.0.2 Build 1

I have 3 partitions on the primary hard drive and 1 external drive. Besides
the default sharing folder "My Shared Folder" on C:, I mainly share
everything on the External drive.  In the past few weeks I've noticed that
when using KazaaLite I see certain files being downloaded from me that
shouldn't be.  Last night (6/1) I saw a file called perform.doc downloaded
to a person with a description I didn't recognize, so I searched for it on
the external but it wasn't there. I checked my other drives and found it on
my D: drive, a drive I am NOT sharing and don't wish to. A few weeks ago I
saw 2 files from my C: drive that were downloaded and that was not shared
either.  I've searched through the registry and haven't seen anything fishy.

Any ideas? Or has anyone seen this? As of right now all sharing on my part
is closed until further research by me and hopefully some of you.

Thanks,

Matt


Kazaa and Kazaa Lite have both been prone to various security issues, including exploits which follow exactly what you have described. There have been trojaned versions released that, when installed, did various nefarious things. Understand that when you download the software, it doesn't come from kazaa.com; you get it from a user on the kazaa network that's sharing the file. There is absolutely nothing to keep them from making their own kazaa.exe or whatever and sharing the trojaned version. Best of all, you know which users downloaded so you can try to connect to them later.


--
Thanks,

Ms. Jimi Thompson, CISSP, Rev.

"Those who are too smart to engage in politics are punished by being governed by those who are dumber." --Plato



