RE: DS trojan opens ports fport does not detect?

["Lachniet, Mark" <mlachniet () sequoianet com>]

Are you sure you didn't "clear" the executable for Internet access (in
and out) in order to play a LAN game?  If so, perhaps you cleared the
program for the port 25 and 110 activity as well.  Once the free version
of ZA I use allows a program "out" it doesn't really care what ports it
uses - it just doesn't have that level of granularity.

It would be interesting, but not surprising to see hackers embedding
SMTP relays in game cracks.  What, with the reported financial alliance
between hackers and spammers.  Aside from being an easy way to
distribute cracks (that hardly anyone could sue you for) the people who
run LAN games probably tend to leave their computers on the net for
extended periods of time, making them ideal relays.

The most famous crack site that I am aware of is www.gamecopyworld.com

Mark Lachniet

-----Original Message-----
From: H Carvey [mailto:keydet89 () yahoo com]
Sent: Monday, December 15, 2003 7:56 AM
To: incidents () securityfocus com
Subject: Re: DS trojan opens ports fport does not detect?

> Zone alarm isnt detecting is making outgoing connections. 
> From what you've said so far, it doesn't sound like it would...so your
ZA results aren't suprising.  It's good that you're being thorough,
though. 


---------------------------------------------------------------------------
----------------------------------------------------------------------------