Skip to content

*Updated*NEW Unsafe Software and Services!!

6-10-2007

Do you use one for these programs??

Welcome I know that many people do arond the world. Somehow you became aware of these programs because people like to get things for free or ?

Well let me try to explain to you what else you might be receiving rather than just that awesome music.

Download Ares 2.0.9 Ares, Download Azureus 3.0.3.4 Beta Azureus, Download BearShare Lite 5.2.5 BearShare, Download BitComet 0.96 BitComet, Download Cabos 0.7.4 Cabos,
Download DC++ 0.703 Beta DC++, Download eMule 0.48a eMule, Download iMesh 7.1 iMesh, Download LimeWire Basic 4.14.10 Lime Wire, Download Shareaza 2.2.5.7 RC2 Shareaza,
Download uTorrent 1.7.5 uTorrent

Peer-to-Peer – a type of transient Internet network that allows a group of computer users with the same networking program to connect with each other and directly access files from one another’s hard drives. Napster, Kazaa, and Gnutella are examples of peer-to-peer software.

You are either infected with the Conficker or your imbecile (the computer) is botted and YOU need to find this out cuz you use these insecue programs!
What are some of the consequences of Peer-to-Peer?
you could be a part of something that you dont know about guys come and take your computer away. It happens.

Seattle Man Indicted For ID Theft Using Computer File Sharing Programs

File-Sharing users users beware…

Research from a German deep packet inspection gear maker Ipoque shows that P2P traffic consumes anywhere between 49 and 89 percent of all Internet traffic in the day.
At night, it can spike up to an astonishing 95 percent.
Participants could be getting more than just music or video, as this environment is also a major conduit for malware.

Businesses, governments and internet service providers face dangerous new network disruption and malware attacks from botnets based on peer-to-peer technology (P2P) instead of the more common hierarchical structure.

Eugene Kaspersky, CEO of Kaspersky Laboratories, the Russian antivirus company that identified the new method, said the new method had already succeeded in strangling internet communications in Krasnodar and Astrakhan for several weeks. “We do not know who was behind these attacks,” he said. “It may have been a test.”

Alex Gostev, senior virus analyst at Kaspersky, said the P2P nature of the new botnet meant that each infected machine needed to know only its neighbours. An instruction to activate the botnet could be sent to any of the machines in the network which would then propagate from machine to machine to build an attack.

http://www.computerweekly.com/Articles/200…work-threat.htm

Majority of Internet bandwidth consumed by P2P services
http://blogs.techrepublic.com.com/tech-news/?p=1651
Consumption moves to 95% at night
http://arstechnica.com/news.ars/post/20071128-nocturnal-p2p-transmissions-account-for-95-percent-of-internet-bandwidth.html

Adware and spyware makers are using BitTorrent as a new distribution channel. According to observers of the trend, music and videos that hide applications which pop up ads on PC screens and track browsing habits are increasingly being offered for download on various BitTorrent websites.

READ More HERE, CLICK

Avoid Inherently Unsafe Software and Services. Certain software and services are very appealing to the home user. Freeware, instant messaging, and music download software come to mind as products or services that are widely used on home computers. Freeware sometimes is great software and sometimes it isn’t. Some freeware comes bundled with Adware or Spyware that tracks the user through cyberspace and reports back to an Internet site all of your surfing habits. You can determine whether your system has any of this software, typically loaded without your knowledge, by visiting http://www.lavasoftusa.com and downloading the free software package called Ad-aware. A similar
product, Search & Destroy, is also freely available at http://www.safer-networking.org. Both packages will scan your system for the presence of Adware and Spyware and report it to you. They will offer to remove or mark the offending software so it does not affect your system. Instant messaging is often misused because it may open up your system to the person you are talking to. Either you should disable it or you should be careful that you only use it to communicate with people you know and trust. Both instant messaging and many of the popular music services are a form of software called peer-to-peer software. There are many file download services, including KaZaA, Morpheus, and BearShare. In each case, you download and install a program on your computer. If you download the software, be sure you understand that you have little or no control over what it does. One of these packages has been widely verified to include another software package that can take over the operation of your computer and use it for other purposes. This means that it is a Trojan horse program: a program that appears to perform a legitimate function but may also perform undesirable functions unknown to the user.
One other caveat. Distributed file services, like KaZaA, cause your computer to become a server and permit access from the Internet to your computer by other participants in that file-sharing network. Depending on the service, you may be able to opt out of becoming a server. If you are not given the choice or you do not opt out, you may be providing access to your system from the Internet and assuming all the associated risk. You can also end up violating music copyrights without realizing it.

Peer-to-peer software is a very appealing technology and has great potential for useful and productive applications. However, in its current state of development, it is dangerous, because of the lack of any protection on your system. Most peer-to-peer technology has no security protection and requires no authentication to identify peers in a way that can keep out the bad guys. As we have indicated, you need to be careful and prudent if and when you use this type of software.

Ben is a very through Computer wizard from Harvard. This Page below will give you a fair bit of info.
Video: New.net Installed through Security Holes
New.net provides a proprietary domain name system that allows it to sell nonstandard … I’ve also seen New.net in big bundles with other P2P programs, …
www.benedelman.org/news/100505-1.html
http://www.benedelman.org/peer to peer articles

If you are using one of the peer-to peer file sharing services without disabling the file sharing option, the whole Internet can have access to the files on your hard drive. This can also lead to excessive bandwidth consumption which is violation of most ISP’s the ones you pay to get internet, their Acceptable Use Policy.
When using peer-to-peer services, you should take several precautions. Here are several tips on protecting your PC:

1. Prevent the program from starting automatically.
2. Do not share files.
3. Close/Exit the program when you are finished.
4. Prevent the program from acting as a “supernode” (a middleman for other programs to secretly use your bandwidth

For additional information, please go to http://security.uchicago.edu/guidelines/peer-to-peer/ for easy-to-follow instructions on disabling file sharing for the various peer-to-peer programs

Security Risks in P2P

Despite its ease-of-use, P2P services have another dark side besides legal concerns—increasing security risks.

On one hand, the P2P security mechanism is far from mature in the Internet age— its infrastructure has not ever considered the security issue seriously. P2P may work well with a few members in a small group, where peoples often know each other. But now P2P has been applied on the landscape of Internet and has to face millions of anonymous users. Apparently, its security methods are still too limited since they have not been enhanced significantly.

On the other hand, P2P software is getting more powerful and sophisticated. For instance, some applications grant users the power to limit other user’s bandwidth amount while uploading files.

Consequently, it seems that P2P offers attackers a more efficient and effective way to do their jobs. Therefore, security risks increase highly in P2P software and the security issue in P2P has been becoming the subject of intense research.

Inborn Security Risks in P2P

Many threats come from inborn weaknesses of the P2P architecture. These weaknesses result in the following security problems, which are beyond certain applications and present in nearly all known P2P systems.

Vulnerable to Denial of Service Attacks

Every user of a P2P application is consuming network bandwidth. “Software like Napster, Gnutella and Scour are generally used to download relatively large files such as MP3s, AVIs, MPGs, JPGs, and GIFs. If enough users are downloading these types of files, this can cause network resources to be tied up, resulting in a denial of service.” “In addition to network bandwidth, full hard disks can also result in a denial of service.” For example, when we try to save a file to a public disk but an attack already makes it full somehow, very possibly the saving file service will be denied and we will lose our work.

Denial of service attack can occur inside a subnet or among individual users who are sharing the same network resources. Due to the distributed nature of Internet and P2P, this type of attack is inevitable so far.

Easily Distributed Malware

One of the biggest security problems of P2P is that it is extremely easy for an attacker to distribute malicious software. “Just as the average user can freely distribute any file s/he chooses, malicious users can freely distribute Trojan horse applications and viruses. To make matters worse, if the malicious user is using a P2P program such as FreeNet, there is little fear of getting caught since FreeNet does not use a central server and IP addresses are not tracked. As if it couldn’t get worse with a model like FreeNet, when a file is requested, it is copied locally from participating client to participating client until it gets to the requesting client. It would be hard to design a better mechanism to spread malware faster. The possibility of introducing and spreading a Trojan horse or virus becomes as easy as sending an e-mail.”

Therefore, compared to the past traditional attacks, malicious users to P2P system do not have to be computer experts. They only need to register on a P2P group, provide malicious applications and lure other users to download and execute it.

Zeropaid group found that files with names referring to pornography were downloaded at an alarming rate (more information can be found at http://www.zeropaid.com/busted). Some sneaky attackers may use this “feature” to speed up the spreading of malicious software by giving it provocative name and description.

“Even commercial code can be modified and spread as malware. Programs like AOL Instant Messenger, or any other P2P software, can be reverse engineered and released as Open Source software. This gives malicious hackers the ability to change the software code so that it can be used for other purposes.”

As a consequence, no matter you are expert or amateur, these programs have a malicious intention, you cannot keep your computer safe. It is just far to easy to get hacked when you share, have you scanned lately when was your last update? Should update daily and scan after each download in such P2P networks. Good luck 😦

Straightforward Information Gathering

“Letting another Internet user know one’s ‘real’ IP address is a security risk in itself” because “someone sniffing on the network could hijack a session, spoof one or both users’ addresses, or otherwise cause harm.”

“The Internet still provides most networks with enough anonymity to feel a certain amount of security through obscurity”; unfortunately, “P2P software can take away that anonymity”. So, “the addresses of routers and gateways are exposed, and if the user is connected directly to the Internet, their IP address and MAC addresses are also exposed. For example, Gnutella users are given the IP address from which they are downloading by widening the column immediately to the right of the ‘Status’ column in the ‘Downloads’ window. This is a good starting place for a hacker with simple scanning software.”

Take a look at how easy This Is Done, ……HI THERE!

These signs are created and served by danasoft.com’s webserver in real-time for each person that views them. Your IP address and other information are only visible to YOU, not to others, but because people see their own IP address and computer information displayed on a blog or in a public forum, they think that their information can be seen by everyone!

Read the privacy policy for more details. Click Here!


Attackers can get more information than IP and MAC addresses such as users’ connection speed since some P2P programs like Napster give users the information concerning connection speed. Connection speed can help attackers to identify more “valuable” targets – “most 56k connections and below are dial-up accounts, and probably are not ‘always on’ and do not have static IP addresses, hackers may not waste their time on these systems. But, connection speeds of 144k and higher can indicate DSL or cable modems that are ‘always on’ with static IP addresses, a more desirable target.”

There are many excuses why it is safe to use P2P but in reality you are just playing russian roulette with your computer. But that is your choice. :-\

eMule, Bittorrent, azureus, LimeWire Pro, BitComet All are P2P programs if your familiar with any I can assure you that it was a bad experience, if you haven’t learned yet you will soon, the internet is not by any means getting safer. See this Article..
Or the following Article
even more of a scare, and you think your computer is of no use to them? Humm

A security group reports…….

ANALYSIS OF: AZUREUS_2.5.0.4.EXE

* AZUREUS_2.5.0.4.EXE may use 8 or more path and file names, these are the most common:

* 4 :%documents%\my dowload files\AZUREUS_2.5.0.4 PT.EXE
* File Name Structure: *Highly Irregular*
* File and Path Structure: **Suspicious, code execution from unusual location**
* The following behaviours have been observed for this object:
* Installs programs.
* Deletes programs.

Concerns about your PC security? We help thousands of new users every day to rid their PC of high risk spyware, adware, trojan, virus and rootkit infections
You can use Prevx to ensure your PC really is safe. Click here to download CSI for your free system health check.

Prevx CSI – FREE Malware Scanner http://www.prevx.com/freescan.asp

Prevx Computer Security Investigator (CSI)

* Totally Free
* Prevx CSI for business can be used free of charge in low volume (up to 250 PCs) by business users and large enterprises, subject to a simple registration process.
* Updates from the program 🙂

  • Please Read: STOP ? THINK ? CLICK7 Practices for Safer Computing, here:

  • http://onguardonline.gov/stopthinkclick.ht

    *********************************************************************

    *********************************************************************

    Personal Security for your computer, Da steht es wie Hosts file sind auf Spybot, und auch MVP Hosts ist da oben von Spybot.

    God Bless you!

    Advertisements
    No comments yet

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: