LowProventia Network MFS, IBM Security Server Protection for Windows, Proventia Desktop, Proventia Network IDS, Proventia-G 1.1 and earlier, RealSecure Server Sensor, RealSecure Network, BlackICE Agent for Server, BlackICE Server Protection, BlackICE PC Protection, Proventia Server IPS for Linux technology, RealSecure Desktop, Proventia Network IPS, RealSecure Desktop Protector 3.6, Virtual Server Protection for Vmware:
This signature detects an Overnet node searching for file shares.
Low
Proventia Network MFS: XPU 1.1, IBM Security Server Protection for Windows: 1.0.914.0, IBM Security Server Protection for Windows: 2.1.14.2400, Proventia Desktop: 8.0.614.1, Proventia Network IDS: XPU 22.3, Proventia-G 1.1 and earlier: XPU 22.3, RealSecure Server Sensor: XPU 22.3, RealSecure Network: XPU 5.22, RealSecure Network: XPU 22.3, BlackICE Agent for Server: 3.6eof, BlackICE Server Protection: 3.6.cpa, BlackICE PC Protection: 3.6cpa, Proventia Server IPS for Linux technology: 1.0, RealSecure Desktop: baseline, Proventia Network IPS: 2.0, RealSecure Desktop Protector 3.6: baseline, Virtual Server Protection for Vmware: 1.0, Virtual Server Protection for Vmware: 1.0
Linux Kernel, Microsoft Windows, Overnet Overnet
Protocol Signature
Overnet is file sharing software for Microsoft Windows, Mac OS X, and Linux-based operating systems. The remote server is running as an Overnet peer-to-peer (P2P) client.
If peer-to-peer file sharing is not allowed at your organization, Overnet should be uninstalled.
Overnet Web site
eDonkey2000 - Overnet
http://www.overnet.com/
ISS X-Force
Overnet is running on the system
http://www.iss.net/security_center/static/13370.php