Security Incidents mailing list archives
RE: DS trojan opens ports fport does not detect?
From: "Lachniet, Mark" <mlachniet () sequoianet com>
Date: Tue, 16 Dec 2003 13:24:31 -0500
Are you sure you didn't "clear" the executable for Internet access (in and out) in order to play a LAN game? If so, perhaps you cleared the program for the port 25 and 110 activity as well. Once the free version of ZA I use allows a program "out" it doesn't really care what ports it uses - it just doesn't have that level of granularity. It would be interesting, but not surprising to see hackers embedding SMTP relays in game cracks. What, with the reported financial alliance between hackers and spammers. Aside from being an easy way to distribute cracks (that hardly anyone could sue you for) the people who run LAN games probably tend to leave their computers on the net for extended periods of time, making them ideal relays. The most famous crack site that I am aware of is www.gamecopyworld.com Mark Lachniet -----Original Message----- From: H Carvey [mailto:keydet89 () yahoo com] Sent: Monday, December 15, 2003 7:56 AM To: incidents () securityfocus com Subject: Re: DS trojan opens ports fport does not detect?
Zone alarm isnt detecting is making outgoing connections. From what you've said so far, it doesn't sound like it would...so your
ZA results aren't suprising. It's good that you're being thorough, though. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- DS trojan opens ports fport does not detect? junk (Dec 12)
- <Possible follow-ups>
- Re: DS trojan opens ports fport does not detect? H Carvey (Dec 16)
- RE: DS trojan opens ports fport does not detect? Lachniet, Mark (Dec 16)