have you had Gator on the system?
i have just finished cleaning a client site that had this same sot of
problem and it all started with Gator.
In my opinion both Gator and Kazaa should been baned from use as they cause
WAAAAAYYYYY to many issues.

check in your registery to make sure that it is not on the system

" ~¿~" <FNORD@CHAOS.DADA> wrote in message
newsTsKa.21025$Ab2.42793@sccrnsc01...

"RCS" <spidermanrulez_898@hotmail.com> wrote in message
news:1056597846.688030@drone5.qsi.net.nz...
Nope, no Gator. I have never downloaded KazAa or KazAa-lite into this
computer, so I am wondering... Could it be a bot posing as KazAa? It's
weird, because I get about 300 packets containing sub-7 trojans everyday.

RCS wrote:

While you are right about Gator, I will have to disagree with you regarding
Kazaa.
Issues involved in Kazaa mostly involve spyware, and the solutions to this
are kind of common knowledge - kazaa lite, adaware and/or spyware are all
suggested methods.
Other issues that may come up from Kazaa or any other program that uses p2p
protocols such as viruses are user-specific problems. Let us not forget
that virtual file sharing has replaced the traditional file sharing, where
you could easily get infected from a floppy disk if you weren't cautious.

The only other issue that comes to my mind regarding banning Kazaa would be
the copyright laws, but this is an issue for another NG, not A.C.S.

--
__________________________________________________
\_______torowbm AT /__ / ACK and thou_______/
\_____otenet DOT / / shall receive_____/
\_____gr /_/ RLU#306453_____/

RCS wrote:

While you are right about Gator, I will have to disagree with you regarding
Kazaa.
Issues involved in Kazaa mostly involve spyware, and the solutions here
are kind of common knowledge - kazaa lite, adaware and/or spybot are all
suggested methods.
Other issues that may come up from Kazaa or any other program that uses p2p
protocols such as viruses are user-specific problems. Let us not forget
that virtual file sharing has replaced the traditional file sharing, where
you could easily get infected from a floppy disk if you weren't cautious.

The only other issue that comes to my mind regarding banning Kazaa would be
the copyright laws, but this is an issue for another NG, not A.C.S.

--
__________________________________________________
\_______torowbm AT /__ / ACK and thou_______/
\_____otenet DOT / / shall receive_____/
\_____gr /_/ RLU#306453_____/

"The Saint" <gur_fnvag@gurfnvag.v-c.pbz> wrote in message
news:1100807632.41bd2ef0@thesaint.i-p.com...
I think we have a firewall newbie here. IIRC Kazaa uses a range of ports,
one of which matches the default Sub7 port. So what the OP is presumably
seeing is actually connect-attempts to a port that the fwall describes as
being used by Sub7; they don't 'contain' the trojan, but under different
circumstances might be construed as attempts to access a Sub7 if there was
one installed on OP's machine.

OP: You've probably just picked up an IP address from your ISP that was
previously being used by someone who was in the middle of a Kazaa session
with some other machines. They must have suddenly gone offline without
shutting down Kazaa, and when you came online and got the IP address they
had been using, the other Kazaa peers kept sending packets because they
didn't know it was now a different machine. Just let your firewall block
the packets and don't worry about it.


DaveK
--
moderator of
alt.talk.rec.soc.biz.news.comp.humanities.meow.mis c.moderated.meow
Burn your ID card! http://www.optional-identity.org.uk/
Help support the campaign, copy this into your .sig!
Proud Member of the Exclusive "I have been plonked by Davee because he
thinks I'm interesting" List Member #<insert number here>
Master of Many Meowing Minions
Holder of the exhalted PF Chang's Crab Wonton Award for kook spankage above
and beyond the call of hilarity.
PGP Key-ID: 0x0FB504D1 Fingerprint 04B7 2E8C 0245 680E 6484 C441 CEC7 D2BD

I use www.dnsredirector.com to prevent P2P File Sharing software and other
spyware from being used / installed on my clients networks

If anyone out there has some more keywords (domain names) to block let me
know. (just reply here)
Also, is there a website or list of more blocking keywords for this program
or others like it?
(although I must say thier 'sample' keywords block 99.9% of the crap I'm
worried about)

Jessica

"RCS" <spidermanrulez_898@hotmail.com> wrote in message
news:1056597846.688030@drone5.qsi.net.nz...

On Sat, 5 Jul 2003 08:26:54 -0500, "Jessica"
<error@doesnotexistonline.com> wrote:

Well, if you want to block P2P, you should also block Remote and Local
Ports 1214 (KaZaa, others), 6346 (Limewire), and 6699 (WinMX), in your
cleint's firewalls. It won't stop savvy users with the newer versions,
but it will stop the older versions of this software as well as the
less-savvy folks who don't know to use non-standard ports for P2P.

DNSredirector looks almost exactly like DNSKong, which I support and
for which I maintain updated lists. Feel free to use my named.txt
file, although nothing on my list is specifically keyed towards
stopping P2P itself; my main concern is the spyware and ad sites.

Sponge
Sponge's Anti-Spyware Source
www.geocities.com/yosponge