EmergingThreats> Main Web>MalwareDocs>GrooveNet (2008-07-11, MattJonkman) EditAttach

Groove.Net

Groove.net is a vierual office suite. It's a perfectly legitimate app, looks quite nice. We do not have these rules here because the application is in any way mailcious or hostile. It allows remote storage and manipulation of internal data, which may be sensitive.

In many environments that is not an allowable practice. These signatures will alert admins when the product is in use. If it is allowed in your environment, then do not run these signatures.

The signatures included are 2003599-2003602

The application is SOAP based and does not appear to more than very basicly encrypt. All requests and posts are via http.

All related material here:

2018358 TWikiGuest 2019-10-09 - 23:08
2003599 TWikiGuest 2009-02-12 - 00:15
2003600 TWikiGuest 2009-02-12 - 00:15
2003602 TWikiGuest 2009-02-12 - 00:15
2003601 TWikiGuest 2009-02-12 - 00:15
GrooveNet MattJonkman 2008-07-11 - 15:05

-- MattJonkman - 20 Apr 2007

Edit | Attach | Print version | History: r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r2 - 2008-07-11 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats