LowRealSecure Desktop, Proventia Server IPS for Linux technology, Proventia Network IPS, RealSecure Desktop Protector 3.6, Proventia Network MFS, IBM Security Server Protection for Windows, Proventia-G 1.1 and earlier, Proventia Desktop, Proventia Network IDS, BlackICE Agent for Server, BlackICE Server Protection, BlackICE PC Protection, RealSecure Server Sensor, RealSecure Network, Virtual Server Protection for Vmware:
This signature detects a edonkey file transfer.
Low
RealSecure Desktop: baseline, Proventia Server IPS for Linux technology: 1.0, Proventia Network IPS: 2.0, RealSecure Desktop Protector 3.6: baseline, Proventia Network MFS: XPU 1.18, IBM Security Server Protection for Windows: 1.0.914.0, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia-G 1.1 and earlier: XPU 22.21, Proventia Desktop: 8.0.614.1, Proventia Network IDS: XPU 22.21, BlackICE Agent for Server: 3.6eof, BlackICE Server Protection: 3.6.cpa, BlackICE PC Protection: 3.6cpa, RealSecure Server Sensor: XPU 22.21, RealSecure Network: XPU 22.21, Virtual Server Protection for Vmware: 1.0
Linux Kernel, Microsoft Windows NT: 4.0, Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Me, Microsoft Windows XP, Apple Mac OS X: 10.2
Suspicious Activity
The Edonkey application is installed on a system. Edonkey is an application that helps users locate, upload, and download files over the Internet.
If use of the Edonkey application is not in compliance with your system policy, consider uninstalling the Edonkey application. It may be helpful to remind users of your system policy regarding the use of Edonkey or similar applications.
Edonkey Web site
Edonkey
http://www.edonkey2000.com
ISS X-Force
Edonkey is present on the system
http://www.iss.net/security_center/static/10627.php