Author Topic: wtf??  (Read 7583 times)

0 Members and 1 Guest are viewing this topic.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: wtf??
« Reply #15 on: December 31, 2005, 04:09:55 pm »
However, if any bittorrent client had a vulnerability in it, it could be taken advantage of.  The scanner program might have picked up an exploit for a different version of a different program, or something. 

Or, the signature might just suck.  I've noticed while using Snort to monitor traffic, when I'm downloading something off BitTorrent, it often picks up on signatures that it sees that are purely coincidental. 

Haha, yeah.  It still makes it that much harder, though! :)

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: wtf??
« Reply #16 on: December 31, 2005, 04:14:21 pm »
The data would've been rejected anyway, since bittorrent data is checksum'd as it's recieved.

However, if any bittorrent client had a vulnerability in it, it could be taken advantage of.  The scanner program might have picked up an exploit for a different version of a different program, or something. 

Or, the signature might just suck.  I've noticed while using Snort to monitor traffic, when I'm downloading something off BitTorrent, it often picks up on signatures that it sees that are purely coincidental. 
No, I run the same programs and nothing new.. and the thing only tries to exploit me when Azureus is running, which leads me to believe that it's something of how it screws with my ports.  Port 80 seems to be the key port... which, oddly enough, Azureus loves to use! Hmm..
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: wtf??
« Reply #17 on: December 31, 2005, 04:19:42 pm »
However, if any bittorrent client had a vulnerability in it, it could be taken advantage of.  The scanner program might have picked up an exploit for a different version of a different program, or something. 

Or, the signature might just suck.  I've noticed while using Snort to monitor traffic, when I'm downloading something off BitTorrent, it often picks up on signatures that it sees that are purely coincidental. 

Haha, yeah.  It still makes it that much harder, though! :)

It makes it harder to GET the virus, but it doesn't make it any harder to see the signature for it. 

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: wtf??
« Reply #18 on: December 31, 2005, 04:24:34 pm »
What I was saying is that the tracker is giving you a list of IP's. If you simply implement the tracker protocol, you're harvesting yourself some IP addresses, to which you could send malicious data, not exclusively over the BitTorrent protocol.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: wtf??
« Reply #19 on: January 01, 2006, 12:29:22 pm »
Azureus blows. Big nuts.  In hell.  I turn off UPnP, I have all the required ports open, and now it's bitching about Distributed Hash Tables. -.-
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: wtf??
« Reply #20 on: January 01, 2006, 02:54:01 pm »
Azureus blows. Big nuts.  In hell.  I turn off UPnP, I have all the required ports open, and now it's bitching about Distributed Hash Tables. -.-

Blasphemer.

Offline deadly7

  • 42
  • x86
  • Hero Member
  • *****
  • Posts: 6496
    • View Profile
Re: wtf??
« Reply #21 on: January 01, 2006, 03:35:38 pm »
Kekeke, I know where the guy that sent exploits to me lives. <3 DNSSTUFf, I emailed his ISP (which is owned by America Online) about it, and if they don't fix it then I e-mail AOL about it and see to it that he = terminated.
[17:42:21.609] <Ergot> Kutsuju you're girlfrieds pussy must be a 403 error for you
 [17:42:25.585] <Ergot> FORBIDDEN

on IRC playing T&T++
<iago> He is unarmed
<Hitmen> he has no arms?!

on AIM with a drunk mythix:
(00:50:05) Mythix: Deadly
(00:50:11) Mythix: I'm going to fuck that red dot out of your head.
(00:50:15) Mythix: with my nine