Funny this comes around right now. I too am monitoring imesh and a few other mp3 programs. Audio Galaxy owns to class c's so blocking them at the firewall is easy (64.245.58.x 64.245.59.x). But iMesh is a little more tricky. Not to mention all the spyware that goes along with these programs (key stroke loggers, cookie stealers etc).
If you monitor the network with network ice sensors you will see alot of : HTTP Several fields with Binary HTTP with Binary and after drilling down via icecap you will see alot of these will go to www.imesh.com and to various live365.com address's as well. Both are either listening/playing broadcasted music or in imesh case, sharing files accross your network. If anyone has had success with tracking these down, let us know..this issue is growing every day and short of scanning HD's at boot up and uninstalling the software, I'm not sure how to stop it. Another concerned analyst... -----Original Message----- From: Pedro Fernandez [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 12, 2001 1:44 PM To: [EMAIL PROTECTED] Subject: Imesh detection TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Hi everyone I need detect application for file sharing call "IMESH.EXE". Exists any method to stopped this application. Any ideas??? Thanks in advance Pedro Fern�ndez A. Consultor en Seguridad - ISS Certified Orion 2000 S.A.- Servicios Profesionales en Seguridad Inform�tica La Concepci�n 322 Piso 12 Providencia Santiago, Chile Fono : 56-2-6403942, Fax : 56-2-6403990 mailto:[EMAIL PROTECTED] http://www.orion.cl
