RE: WinMX and FTP

Mon, 17 Sep 2001 08:29:21 -0700 

Stuart,

The only thing different from regular WinMX use was that I FTP'd some
software from ftp.home.net to check on my download speed. Something which
actually killed a download in WinMX. Anyway, that FTP connection was
disconnected. I have no idea how that FTP from home.net and the FTP from the
ADSL user from Denmark are connected. I still hope for somebody to tell me
how they did it and how I could have seen what this person was downloading
(I suspect WinMX shared stuff). Thanks for your interest.

................ Frank

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 13, 2001 10:32 AM
> To: Frank Smith
> Cc: [EMAIL PROTECTED]
> Subject: Re: WinMX and FTP
>
>
>
>
> Hi Frank,
>
>      I too would like to know about this. After the Nudester
> exploit a little
> while back I did do some sniffing
> on FTP for WinMX to see if it too had the vulnerability. However,
> I could find
> nothing conclusive, just the normal
> encrypted packets.
>
> Has anyone else seen anything different.
>
> --
> Stuart
>
>
>
>
>
> "Frank Smith" <[EMAIL PROTECTED]> on 13/09/2001 00:13:03
>
>
>
>
> To:   "Security Basics" <[EMAIL PROTECTED]>
> cc:    (bcc: Stuart Luscombe/COSS/CCenter)
>
> Subject:  WinMX and FTP
>
>
>
> Hi,
>
> I am running W2K Prof SR2 and sometimes use file sharing program
> WinMX. This
> afternoon, I discovered on my Speedometer that 100K/s FTP was happening.
> Netstat -a revealed an established FTP connection to an ADSL user in
> Denmark.
> As soon as I closed WinMX, the FTP connection died and the port
> used went to
> listening. I told my firewall router to block outgoing FTP and restarted,
> but that is not the greatest solution.
> Can somebody tell me how I could have viewed what the person was
> uploading?
> Can somebody with WinMX/Gnutella protocol knowledge explain how
> this person
> was able to start the FTP connection?
> Thanks!
>
> Frank
>
>
>
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.277 / Virus Database: 146 - Release Date: 9/5/2001
>

Reply via email to