I was wondering why my Kazaa Lite all of a sudden connects after opening Zone Alarm. Can anyone tell me? It's a mystery to me.

No, I open Zone Alarm than I close it and than I open Kazaa Lite and it connects fine.

You gotta check you firewall configurations. You may not have allowed inbound/outbound access to Kazaa. You should also know that Zonealarm is notorious for its cracks.

Meaning that their are alot of hacks and cracks that disable zonealarm or cause misfunctions to the program. Many programs, music, video that are received through Kazaa are binded with trojan, without your knowledge, to disable zonealarm and its utilities.

Do you have anti virii running? I suggest you make a scan.

Also, if you can, get Mc Afee anti virus and Mc Afee Firewall. I have tried them all and I definately can tell you that they are the best. Norton and Zonealarm are nice, but have cracks.

Many programs, music, video that are received through Kazaa are binded with trojan, without your knowledge, to disable zonealarm and its utilities.
wtf!! u want to actually show some proof to back up that statement?
Also, if you can, get Mc Afee anti virus and Mc Afee Firewall. I have tried them all and I definately can tell you that they are the best. Norton and Zonealarm are nice, but have cracks.
again wtf?? every software firewall can be overcome by a decent hacker. IMHO mcafee antivirus is inferior to Norton and i have used the most recent versions of both.

@dragoonballz: assuming u have given kazaa inbound/outbound access it sounds like something may be corrupted. i'd uninstall both firewall and kazaa lite. install a firewall other than zonealarm (sygate/norton i'd recommend) then reinstall kazaa lite.

My good friend Galileo sent me this info via PM before I got a chance to see your post. Though he has given me right to take credit for his research, I cant do that. Cheers Galileo!

If I would have read this POST before I got the PM, I would have been a little bit more vulgar and supplied 10 times the research because you post with confidence on a subject that you obviously know very little about. You should do a search and see some of my earlier posts to people who answer with such confidence on subjects that they dont know what they are talking about.

Also, I use Mc Afee because it is an online service that updates every 12 hours. Nothing is inferior to a good trojan, but Mc Afee sure does know what the fuck they are doing.

Also, Firewalls and Anti Virus doesnt sell security, it sales time, the question is HOW MUCH TIME - til someone can get in.

http://vil.nai.com/vil/content/v_99949.htm

Virus/Worm Name: W32/Lirva.a

It spreads over Kazaa.
It tries to terminate security software, including ZONEALARM.EXE
It kills the Zonealarm program. (McAfee too by the way)

The worm contains a password-stealer, and sends your account info out on the internet.

The worm arrives via email, is sent to IRC or ICQ users, and may propagate via KaZaa.

Once infected, VirusScan may not be able to run as the virus can terminate the process before any scanning/removal is accomplished.

and here:
http://uk.gsmbox.com/news/mobile_news/all/63077.gsmbox
http://bsdvault.net/article.php?sid=363

Here is code to actually do it:
http://www.packetstormsecurity.com/0109-exploits/km.pl

--
http://216.239.33.100/search?q=cach...&hl=en&ie=UTF-8

Well he wanted proof lol.

Many programs, music, video that are received through Kazaa are binded with trojan

the part of that i wanted proof of was the "music, video." i still don't see any....

btw i wasn't disagreeing about viruses spread being spread through kazaa that can disable AV and firewalls.

overdo:

Yes you can get infected from a file ending in .mp3 or .mpg or .avi

Here is your info:

1. A malicious user digitizes (rips) a song. He saves it in .rm format or .asf or .wma format.

2. Using the Microsoft Windows Media Advanced Script Indexer, one can embed URLs into media files, including WMA files. The malicious user, uses the Advanced Script Indexer to insert and edit scripts within that Windows Media file which will launch a URL as soon as the file is played.

3. The malicious user creates a website. That website contains virus code, such as NIMDA, which can infect by the mere browsing of the page. Nothing has to be executed, as far as an attachment, or .exe file goes. There are viruses that can infect simply by viewing.

4. The malicious user then RENAMES the .wma file to something like: Limp Bizkit - Nookie - (Live in Australia!).mp3 or Spiderman (Full Version - High Quality).mpeg or DragonballZ - Rare Episode.avi or whatever. You won't know.

These now appear just like .mp3 files, .mpg files, and .avi files. Not only that, but they are also the correct size, several megs for an mp3, and can be hundreds of megs for an mpeg or avi, and not only that, it will actually play the song, and show the movie.

Now, what happens is this....

User searches on a p2p program. Search hits on the name, that file comes up in their search results. It's the right size for an mp3 file, the name is ok, no double extension, it even has a bitrate quality level, everything will look normal. It can be ANY song name, any mp3, maybe the next one YOU download and play.

The .mp3 file downloads. User thinks it's safe. Double clicks on it. --Now normally, if you renamed a .exe file to .com or you renamed a .pdf file to .xls that's NOT gonna open correctly, but guess what... When you click on that .mp3 file, it is a valid extension for Windows Media Player, so Windows Media Player will LAUNCH! Not only that, but you'd think it would know that it's actually a .wma inside, but it won't say ANYTHING. It will PLAY IT! And guess what... It can be the actual song that is reflected in the name of the file too, so it even PLAYS!

So at this point, you see a .mp3 file, it's named right, size in Kbytes looks just fine, you download it, you click on it, it even PLAYS the song you expected! But guess what....

The embedded script data inside the .mp3 file just activated, and it took you to a URL and it just infected you! You now have a virus.

And it can be a 3 meg or an 800meg file that infected you.

In addition, this script data, can also exploit a bug which allows execution of malicious code within the player.

(By the way, this affected Realplayer too, in addition to Windows Media Player. And WINAMP has problems as well.)



Ok, now, since you're always asking for proof, here are some references so that you can go check this out for yourself and see:

This is Microsoft's Security Bulletin on the issue. Note that it affects nearly ALL versions of WMP from 6.4 up to XP. excluding 9. This is not little BOOTY BUTTHEIMER's plinky website, this is official Microsoft here:
http://www.microsoft.com/technet/tr...in/MS01-056.asp

CNN Article on the problem:
http://edition.cnn.com/2000/TECH/co...r.security.idg/

Here is PCWORLD's Critical Flaw Article:
http://www.pcworld.com/news/article/0,aid,72604,00.asp

This is RealNetworks Security Alert Bulletin on the problem:
http://service.real.com/help/faq/se...feroverrun.html


This site refers to the fact that there is absolutely no such thing as a "safe" extension anymore, contrary to BOOTIE McFRUITY:
http://cert.uni-stuttgart.de/archiv...3/msg00038.html

BUGTRAQ Article on the media file extension problem:
http://cert.uni-stuttgart.de/archiv...3/msg00020.html

BERKELEY Article on Streaming Media vulnerabilities:
http://www.lisarein.com/mediaplayerlinks.html

SECURITYFOCUS Warning:
http://online.securityfocus.com/news/338
"A quirk in media players from Microsoft and RealNetworks could enable attackers to hijack Web browsers and run scripts on the computers of some MP3 music fans.
The trick has apparently been discovered by pornography sites and spammers, which have been seeding some music file trading services with bogus MP3 music files. "