GEN:SID | 1:1428 |
Message | MULTIMEDIA audio galaxy keepalive |
Summary | This event is generated when network traffic indicating the use of a multimedia application is detected.
|
Impact | This may be a violation of corporate policy since these applications can be used to bypass security measures designed to restrict the flow of corporate information to destinations external to the corporation.
|
Detailed Information | Multimedia client applications can be used to view movies and listen to music files. Some also include file sharing facilities. Use of these programs may constitute a violation of company policy.
Clients may also contain vulnerabilities that can give an attacker an attack vector for delivering Trojan horse programs and viruses.
|
Affected Systems | All systems running multimedia applications
|
Attack Scenarios | A user can download files from a source external to the protected network that may contain malicious code hidden in the file giving an attacker the opportunity to gain access to a host inside the protected network.
|
Ease of Attack | Simple.
|
Corrective Action | |
Additional References | |